HTTP Authentication Management for PHP

4.0.1 2023-06-13 15:43 UTC


Library to manage HTTP authentication with PHP.

Latest Version build Monthly Downloads


You can install this package quick and easy with Composer.

Require the package via Composer:

$ composer require intervention/httpauth


The workflow is easy. Just create an authentication instance in the first step and secure your resource with a second step.

Create authentication instance

To create HTTP authentication instances you can choose between different methods.

Create instance by using static factory method

use Intervention\HttpAuth\Authenticator;

$auth = Authenticator::basic('Secured Realm');

Create instance by using static universal factory method

use Intervention\HttpAuth\Authenticator;

// create basic auth by array
$auth = Authenticator::make([
    'type' => 'basic',
    'realm' => 'Secure Resource',
    'username' => 'admin',
    'password' => 'secret',

Create instance by using class constructor

use Intervention\HttpAuth\Authenticator;

$auth = new Authenticator(
   'Secure Resource',

// alternatively use methods to set properties
$auth = new Authenticator();
$auth->withCredentials('admin', 'secret');

Ask user for credentials

After you created a HTTP authentication instance, you have to call secure() to secure the resource. This results in a 401 HTTP response and the browser asking for credentials.


Server Configuration


If you are using Apache and running php with fast-cgi, check setting headers:


Intervention HttpAuth Class is licensed under the MIT License.