laragear / multi-auth
Authenticate multiple Composer packages from the same host using different credentials.
Maintainers
Package info
Type:composer-plugin
pkg:composer/laragear/multi-auth
Fund package maintenance!
Requires
- php: ^8.3
- composer-plugin-api: ^2.0
Requires (Dev)
- composer/composer: ^2.0
- mockery/mockery: ^1.6
- phpunit/phpunit: ^12.5
This package is auto-updated.
Last update: 2026-04-29 23:05:00 UTC
README
Authenticate multiple Composer packages from the same host using different credentials.
composer multi-auth:config laragear/web-checkout license ABC-123
Why this package?
Composer natively associates authentication credentials (like HTTP Basic, Bearer tokens, GitHub OAuth) with a single domain inside the auth.json file. If you have a private package registry serving multiple packages under the same domain (e.g. keygen.sh or github.com), you cannot easily use different credentials for different packages.
This plugin allows you to define authentication credentials per-package, overriding the default domain-based authentication, plus two useful authentication mechanisms:
{
"http-basic": {
"...": "..."
},
"laragear/web-checkout": {
"license": "$WEBCHECKOUT_LICENSE"
}
}
Become a sponsor
Your support allows me to keep this package free, up-to-date, and maintainable. Alternatively, you can spread the word!
Requirements
- PHP 8.3 or later.
- Composer 2.0 or later.
Installation
Require this package globally or into your project using Composer:
composer require global laragear/multi-auth
Important
If you require this in your project, the plugin will be active only for a single Composer project.
Usage
Instead of manually editing your auth.json file, use the provided multi-auth:config command. The command accepts the package name, the authentication type, and the required credentials:
Authentication Types
The following authentication types are supported:
HTTP Basic
Standard HTTP Basic authentication.
composer multi-auth:config vendor/package http-basic username password
Bearer Token
Standard Authorization Bearer token.
composer multi-auth:config vendor/package bearer my-secret-token
GitHub / GitLab
Token-based authentication for GitHub or Gitlab.
composer multi-auth:config vendor/package github-oauth my-github-token composer multi-auth:config vendor/package gitlab-oauth my-gitlab-token composer multi-auth:config vendor/package gitlab-token my-gitlab-private-token
License Key
Adds a custom Authentication: License <KEY> header.
composer multi-auth:config vendor/package license ABC-123-XYZ
Custom Query Parameters
You can append custom query parameters to the package download URL. This is especially useful for passing tokens as URL parameters.
composer multi-auth:config vendor/package query auth "license:\$TOKEN"
This will automatically append ?auth=license:{TOKEN} to the URL when Composer downloads vendor/package, where {TOKEN} is automatically resolved from your environment variables.
Global Configuration
If you want to apply the configuration globally across all your Composer projects, append the --global (or -g) flag.
composer multi-auth:config vendor/package license ABC-123 --global
Note
This will only work if Multiauth was installed globally.
Environment Variables
You can use environment variables in any of your credentials too! Prefix the variable name with a $ sign. Append \ to avoid the shell replacing the variable name with an environment value.
composer multi-auth:config vendor/package bearer \$MY_SECRET_TOKEN
When Composer downloads the package, the plugin will automatically resolve $MY_SECRET_TOKEN from your current environment.
Security
If you discover any security-related issues, please email darkghosthunter@gmail.com instead of using the issue tracker.
License
The MIT License (MIT). Please see License File for more information.