Mollie Provider for OAuth 2.0 Client

v2.4.0 2021-08-28 10:04 UTC

This package is auto-updated.

Last update: 2021-09-30 09:55:32 UTC



Build Status

Mollie Connect in PHP

This package provides Mollie OAuth 2.0 support for the PHP League's OAuth 2.0 Client. Visit our API documentation for more information about the Mollie implementation of OAuth2.

Use Mollie Connect (OAuth) to easily connect Mollie Merchant accounts to your application. Mollie Connect also makes it possible to charge additional fees to your costumers with Application Fee.


By far the easiest way to install the Mollie API client is to require it with Composer.

$ composer require mollie/oauth2-mollie-php ^2.0

        "require": {
            "mollie/oauth2-mollie-php": "^2.0"

You may also git checkout or download all the files, and include the OAuth 2.0 provider manually.


Usage is the same as The League's OAuth client, using \Mollie\OAuth2\Client\Provider\Mollie as the provider.

Authorization Code Flow

$provider = new \Mollie\OAuth2\Client\Provider\Mollie([
    'clientId'     => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri'  => 'https://your-redirect-uri',

// If we don't have an authorization code then get one
if (!isset($_GET['code']))
    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl([
        // Optional, only use this if you want to ask for scopes the user previously denied.
        'approval_prompt' => 'force', 
        // Optional, a list of scopes. Defaults to only ''.
        'scope' => [

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);

// Check given state against previously stored one to mitigate CSRF attack
elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state']))
    exit('Invalid state');

        // Try to get an access token using the authorization code grant.
        $accessToken = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        // Using the access token, we may look up details about the resource owner.
        $resourceOwner = $provider->getResourceOwner($accessToken);
    catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e)
        // Failed to get the access token or user details.

Refreshing A Token

$provider = new \Mollie\OAuth2\Client\Provider\Mollie([
    'clientId'     => 'YOUR_CLIENT_ID',
    'clientSecret' => 'YOUR_CLIENT_SECRET',
    'redirectUri'  => 'https://your-redirect-uri',

$grant = new \League\OAuth2\Client\Grant\RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);

API documentation

If you wish to learn more about our APIs, please visit the Mollie Developer Portal.

Want to help us make our API client even better?

Want to help us make our API client even better? We take pull requests, sure. But how would you like to contribute to a technology oriented organization? Mollie is hiring developers and system engineers. Check out our vacancies or get in touch.


BSD (Berkeley Software Distribution) License. Copyright (c) 2015-2018, Mollie B.V.


Contact: — +31 20-612 88 55