Add Authentication to your PHP App in 5 Minutes


I’m new to the IAM system so please forgive my naive questions.
I have been looking for an alternative to keycloak for my php application as there is no official documentation for php on the keycloak website/forum. Does okta support and maintain technical documentation for php applications?
The tutorial was really useful and It worked at my end.However when I logout and login again, it connects me directly without redirecting me to the okta login page and without asking for my credentials. How can I correct this please?
Also, in production mode, my application is accessed from a permanent url. How can I redirect my users to the okta login page without having to start my application with php - S each time?
Finally, for now, can users login with their outlook credentials?
Thanks for all your time.

Matt Raible

Hello Lyn,

We do have a PHP SDK. We’re also working on a WordPress plugin. Please visit out developer forums if you have other questions. Thanks!

Stefan S

Hi, is there an easy way to get from username to email address? appreciate your help!

Matt Raible

I’m not sure what you’re asking for. This example shows how to retrieve the email address. The username for Okta will always be an email address.

Stefan S

After google around I found that things like first name and if the email address is verified (which I meant with above) can be seen on userinfo endpoint.
Can you explain a bit more how to get the fields in userinfo back?
Thank you.


You’ll need to do two things. First, make sure you request the “profile” and “email” scopes in the request. Then when you get an access token, you can look up the user’s profile info at the userinfo endpoint by making a POST request with the access token. Then you’ll get back data like this:

sub: “00uqi4dbxSUVcAi2X356”,
name: “Aaron Parecki”,
locale: “en-US”,
preferred_username: “@.***”,
given_name: “Aaron”,
family_name: “Parecki”,
zoneinfo: “America/Los_Angeles”,
updated_at: 1594844338


I followed the instruction and able to setup the application. I have specific requirement
1. User log in to Okta account
2. Clicks on the assigned PHP app
3. User redirected to app and directly gets login.

I did not get any token when user clicks on app in okta and redirected to custom app.

Thanking you.

Ashish ojha

Hi. Is this article old?
I have created the application but unable to find the client ID and secret. And even the UI you have suggested seems older to me?
Please guide me how to configure using developer account?

Matt Raible

Yes. You can see from the date at the top that it was published in July 2018. We just made a number of UI changes, but you should still be able to see the client ID and secret after creating an app. Do you see an Applications menu in the left nav? If so, you should be able to click on it and see Applications > Add Application.

Ashish ojha

Thanks, I found it and successfully able to integrate.

daniel h

Hi Aaron, i have this one page app setup. What would the code routine
look like to pull the userinfo endopoint and then interate through all
of the returned values?

Hazem KH

How Can I Print my access token ?