This example shows how to build a simple REST API in core PHP and secure it with Okta using OAuth 2.0 Client Credentials Flow.
Please read https://developer.okta.com/blog/2019/03/08/simple-rest-api-php to see how this application was built.
Prerequisites: PHP, Composer, MySQL, Okta developer account
Okta has Authentication and User Management APIs that reduce development time with instant-on, scalable user infrastructure. Okta's intuitive API and expert support make it easy for developers to authenticate, manage, and secure users and roles in any application.
Sign up for an Okta developer account and create a new application. Make note of the Client ID and Issuer values for your application.
Clone this project using the following commands:
git@github.com:oktadeveloper/okta-php-core-rest-api-example.git
cd okta-php-core-rest-api-example
Create the database and user for the project:
mysql -uroot -p
CREATE DATABASE api_example CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'api_user'@'localhost' identified by 'api_password';
GRANT ALL on api_example.* to 'api_user'@'localhost';
quit
Copy and edit the .env
file and enter your database details and Okta details there:
cp .env.example .env
Install the project dependencies and start the PHP server:
composer install
cd public
php -S 127.0.0.1:8000
Loading 127.0.0.1:8000/person should return a 401 Unauthorized response now.
NOTE: if using a virtual machine and NAT, you might need to run the server as php -S 0.0.0.0:8000 -t public
instead.
In the public directory, simply run:
php client.php
If you see 'Obtaining token...success!' on the first line then Okta authentication is working correctly. After that, you should see the client app execute some API requests and dump the output.
Please post any questions as comments on the
, or visit our Okta Developer Forums. You can also email developers@okta.com if would like to create a support ticket.Apache 2.0, see LICENSE.