PHP JSON Web Token Tutorial For Beginners


In this article, I will share tutorial what JSON Web Token is? How to implement JWT in PHP? How to create a client to access RESTFUL API using JWT token?

JWT or JSON Web Token is a long and randomly generated string token used to authenticate and exchange information. In the API concept, we can’t use SESSION as we do in PHP. But in the API method itself, we use the Token concept where we send the secret code through the header which will be interpreted by the server for data security. The official website is in

How does JWT work?

JWT or Token is an encrypted password, so when users successfully login then the server will give a token. Then the Token will be stored by users on Local Storage or Cookies Browser and if the user wants to access certain page then must include the token. Then users will send back the tokens that have been given in advance as evidence if the user has been through the login process.

Token consists of three parts, namely

– header : contains algorithms and token types

– payload : information or data we want to send to users

– verify signature : the result of Hash or a combination of the contents of Header and Payload encode then added the secret code that you create

And the results of the three sections will be merged and automatically encoded into Token as follows.

The above tokens will be returned by the server and stored in local storage or browser cookies. Each time a user interacts with the API will include the token in the header (in general) or the post as authentication.

Tutorial Create JWT on PHP using firebase/PHP-JWT

Tutorial Php Jwt Authentication For Beginners Min

What is PHP-JWT? A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519.

Why use firebase/PHP-JWT?

Effective and efficient, you don’t have to bother creating scripts to generate JWT in PHP.

Installing firebase/php-jwt

Start PHP-JWT for beginners.

After you install the PHP-JWT library above, the first step to make the JWT token is very easy. Here’s a simple example of creating a JWT token using PHP


– In the payload section, there is variable “exp,” “exp” variable is used to record when token expires. “exp” is the date converted to time. If using PHP, you can use the time() function.

– Do not forget to use the try-catch function to encode and decode JWT token.

Next, I will apply JWT on Slim Framework to create a powerful RESTFUL API.

Steps to use JSON Web Token on Slim Framework using PHP-JWT Library

Installing slim framework using composer

Installing firebase / PHP-JWT into the slimAPI folder

For dummy data, I will create a JSON file containing the id and user along with the variable to store the token. Please create a db folder inside the slimAPI project folder and create a user.json file then fill in the following json script

Open the src folder then edit the middleware.php file and add the script.

Open routes.php in the src folder and copy the following code.

A brief description :

– To get Token, please visit HTTP://localhost/slimAPI/public/authenticate with post id = 1 and user = sigit. When a post sent, it will get a response of a token that can be used as a key access to another API URL that requires a token as authentication. See the following gif

Using Jwt Authenticate In Php With Php Jwt

– After getting the token, save the token in PHP or local storage session or database. Then to test it using the token. Visit HTTP://localhost/slimAPI/public/testJWT by adding a parameter in the authorization header like the following gif image.

Php Jwt With Slim Framework For Beginner

If you already create a restful API with JWT, the next step we will make the client app to access the server.

Create APP client to access RESTFUL API using JWT Authentication (PHP, JQUERY, And Angular)

I will apply how to access the restful API using JWT Authentication on three different applications such as PHP, JQUERY and Angular 4

PHP tutorial to access the API using JWT Authentication

Copy the following code:

The JQuery tutorial to access the Server APIs using JWT Authentication

Copy the following code

For implementation with Angular 4, I will give a piece of the program from the project I’m working on, so it’s not related to the API example above. Here’s my code accessing API Server using JWT Authentication on Angular 4

To download the source code sample of RESTFUL API project With PHP-JWT And How to Access it, please download through the following link. To open the download link, please share this article through the button that has been provided.

So my tutorial on PHP JSON Web Token Tutorial For Beginners may be useful

The following two tabs change content below.
This site is a personal Blog of Sigit Prasetya Nugroho, a Desktop developer and freelance web developer working in PHP, MySQL, WordPress.

Leave a Comment

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.