Json Web Token VS PHP OAuth 2.0 Server

Compare Json Web Token vs PHP OAuth 2.0 Server and see what are their differences.

Json Web Token

A simple library to work with JSON Web Token and JSON Web Signature (by lcobucci)

PHP OAuth 2.0 Server

A spec compliant, secure by default PHP OAuth 2.0 Server (by thephpleague)
Our great sponsors
  • Scout APM - Truly a developer’s best friend
  • talent.io - Download talent.io’s Tech Salary Report
  • InfluxDB - Build time-series-based applications quickly and at scale.
  • SonarQube - Static code analysis for 29 languages.
Json Web Token PHP OAuth 2.0 Server
4 7
6,766 6,157
- 0.3%
8.9 6.4
13 days ago 10 days ago
PHP PHP
BSD 3-clause "New" or "Revised" License MIT License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

Json Web Token

Posts with mentions or reviews of Json Web Token. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-08-09.

PHP OAuth 2.0 Server

Posts with mentions or reviews of PHP OAuth 2.0 Server. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-10-01.
  • oAuth2 server for SPA app
    3 projects | reddit.com/r/PHP | 1 Oct 2022
    I looked at the phpleague oauth2-server and there, they say that a SPA (front end in angular or react) should use Authorization code grant and not password grant (it seems password grant is not recommended to use anymore).
  • Oauth Authentication In Laravel: Social Login With Laravel Socialite
    2 projects | dev.to | 5 Jul 2022
    Laravel Passport facilitates full OAuth2 server implementation for Laravel Apps in less time. Developing an OAuth2 server from scratch can be tedious and time-consuming, but Laravel Passport is a local OAuth 2 server for Laravel apps. The Laravel Passport package embodies routes, middleware, and database migrations to develop an authorization server that will return access tokens for giving access permission to server resources. It uses the League OAuth2 Server package as a dependency and has a straightforward, easy-to-learn, and easy-to-implement language structure.
  • Zitadel: The best of Auth0 and Keycloak combined
    6 projects | news.ycombinator.com | 17 May 2022
    Disclosure: I work for FusionAuth.

    Depends on what you are looking for.

    If you want a standalone auth server, you can use FusionAuth in docker/docker-compose: https://fusionauth.io/docs/v1/tech/installation-guide/docker

    You can also package up a library; most major languages have one or more OAuth/OIDC libraries: https://github.com/doorkeeper-gem/doorkeeper for Ruby, https://spring.io/projects/spring-security for Spring/Java, https://oauth2.thephpleague.com/ for PHP, https://pypi.org/project/oauthlib/ for Python.

    https://oauth.net/code/ has a further selection of libraries in a variety of languages.

  • Is this a good way to secure my REST API?
    2 projects | reddit.com/r/PHPhelp | 15 May 2022
  • RFC: Sealed classes
    7 projects | reddit.com/r/PHP | 2 Mar 2022
    I completely agree with this!! Sometimes there's too much hubris in OSS; classes made final, methods made private- because the author has made their mind up about how the library should work and be used. But sometimes it's not possible to imagine every use case. If software is extensible and someone breaks their app by extending your library and doing something wrong, that's their problem. Take a look at this for example: https://github.com/thephpleague/oauth2-server/issues/885 here the authors don't want to make it more extensible because some people might encode too many claims into their tokens and run into problems with header size. Ffs get off your high horse and let people use their own judgement !! /rant
  • Weekly "ask anything" thread
    8 projects | reddit.com/r/PHP | 6 Sep 2021
    Otherwise, if I need something larger, then I would go towards OAuth and than in particular OAuth2 from the PHP league. It provides a good framework to work with to implement authentication in your project. Setting up is a bit of work, but when it works, you don't need to look at it again.

What are some alternatives?

When comparing Json Web Token and PHP OAuth 2.0 Server you can also consider the following projects:

Hawk - Hawk — A PHP Implementation

laravel-imap - Laravel IMAP is an easy way to integrate both the native php-imap module and an extended custom imap protocol into your Laravel app.

Sentinel - A framework agnostic authentication & authorization system.

Sign in with Apple for PHP - PHP library to verify and validate Apple IdentityToken and authenticate a user with Apple ID.

HybridAuth - Open source social sign on PHP Library. HybridAuth goal is to act as an abstract api between your application and various social apis and identities providers such as Facebook, Twitter and Google.

OAuth2 Server - documentation for the oauth2-server-php library

php-jwt - PHP package for JWT

OAuth 2.0 Client - Easy integration with OAuth 2.0 service providers.

Opauth - Multi-provider authentication framework for PHP