Intervention HttpAuth

HTTP Authentication Management

176k Downloads / Month

Open Source MIT License


Intervention HttpAuth is a library for the authentication of resources with HTTP Basic or Digest authentication. The package can be easily installed and provides an API that makes these steps as simple as possible.

The workflow is divided into two steps. In the first, an instance of the Authenticator::class class is created descided which type of authentication should be used. In the second step, the respective resource is secured by a single call.

1. Create Authenticator Instance

To create authenticator instances you can choose between basic & digest auth. Simply use the static helper methods described below or learn how to instantiate the authenticator in other ways.

Create Authenticator Using HTTP Basic Auth

use Intervention\HttpAuth\Authenticator;

// create http basic auth
$auth = Authenticator::basic(

Create Authenticator Using HTTP Digest Auth

use Intervention\HttpAuth\Authenticator;

// create http digest auth
$auth = Authenticator::digest(

2. Ask User for Credentials

After you created a HTTP authentication instance, you have to call secure() to secure the resource. This results in a 401 HTTP response and the browser asking for credentials.


A character string can optionally be passed to the method. This is displayed if authentication fails. Output from template engines can also be used here.

$auth->secure('Sorry, you can not access this resource!');

Read more on how to install or use the package.