nexmo / jwt
A standalone package for creating JWTs for Nexmo/Vonage APIs
Requires
- lcobucci/jwt: ^3.3
- ramsey/uuid: ^3.9
Requires (Dev)
- phpstan/phpstan: ^0.12.25
- phpunit/phpunit: ^7.5
- squizlabs/php_codesniffer: ^3.5
README
This library requires a minimum PHP version of 7.1
This is the PHP library for generating JWTS to use Nexmo's API. To use this, you'll need a Nexmo account. Sign up for free at nexmo.com.
Installation
To use the client library you'll need to have created a Nexmo account.
To install the PHP client library to your project, we recommend using Composer.
composer require nexmo/jwt
You don't need to clone this repository to use this library in your own projects. Use Composer to install it from Packagist.
If you're new to Composer, here are some resources that you may find useful:
- Composer's Getting Started page from Composer project's documentation.
- A Beginner's Guide to Composer from the good people at ScotchBox.
Usage
If you're using Composer, make sure the autoloader is included in your project's bootstrap file:
require_once "vendor/autoload.php";
Create a Token Generator with the Application ID and Private Key of the Nexmo Application you want to access:
$generator = new Nexmo\JWT\TokenGenerator('d70425f2-1599-4e4c-81c4-cffc66e49a12', file_get_contents('/path/to/private.key'));
You can then retrieve a generated JWT token by calling the generate()
method on the Token Generator:
$token = $generator->generate();
This will return a string token that can be used for Bearer Authentication to Nexmo APIs that require JWTs.
Examples
Generating a token with a specific Time To Live
By default, Nexmo JWT tokens are generated with an Time To Live, or TTL, of 15 minutes after generation. In cases where the token lifetime
should be different, you can override this setting by calling the setTTL()
method on the Token Generator and passing the length of seconds
that the token should be valid for
$generator->setTTL(30 * 60); // Set expiration to 30 minutes after token creation
Setting ACLs
Nexmo JWTs will default to full access to all of the paths for an application, but this may not be desirable for cases where clients
may need restricted access. You can specify the paths that a JWT token is valid for by using the setPaths()
or addPath()
methods
to set the path information in bulk, or add individual paths in a more fluent interface.
// Set paths in bulk $generator->setPaths([ '/*/users/**', '/*/conversations/**' ]); // Set paths individually $generator->addPath('/*/users/**'); $generator->addPath('/*/conversations/**');
For more information on assigning ACL information, please see How to generate JWTs on the Nexmo Developer Platform
Contributing
This library is actively developed and we love to hear from you! Please feel free to create an issue or open a pull request with your questions, comments, suggestions and feedback.