Authorization for PHP applications
Add Cerbos authorization checks to your PHP application with the official Composer package. PSR-compatible client for the Cerbos PDP.
Composer package
Install via Composer and autoload the SDK into any PHP application, whether you use Symfony, Slim, or plain PHP
PSR-compatible
Works with PSR-18 HTTP clients and PSR-7 message interfaces, so it integrates with the HTTP layer you already use
Request context attributes
Pass user attributes, resource metadata, and request context to Cerbos policies for fine-grained, context-aware authorization decisions
What is Cerbos?
Cerbos is an enterprise authorization solution built to secure access across complex, distributed environments, SaaS products, and regulated systems.
It externalizes authorization logic from application code, making access control consistent and centrally managed across all your services. Instead of scattering permission checks throughout your codebase, you make a single API call to the Cerbos PDP.
Authorization policies are written in human-readable YAML supporting RBAC, ABAC, and conditional rules. They live outside your application and can be updated, tested, and deployed independently.
The PHP SDK makes integrating Cerbos straightforward, checking authorization is as simple as calling a function, and the stateless PDP scales horizontally with your infrastructure.
How to authorize with the PHP SDK
- Install the PHP SDK. Add the package to your project with
composer require cerbos/cerbos-sdk-php. - Initialize the Cerbos client. Create a CerbosClient instance pointing at your Cerbos PDP running as a sidecar, remote service, or connected via Cerbos Hub.
- Call checkResources(). Pass the principal, resource, and actions to the SDK method and receive an authorization decision.
- Cerbos returns allow or deny. The PDP evaluates your YAML policies and returns a decision your application can enforce immediately.
FAQ
How do I use the Cerbos PHP SDK?
Install the package with `composer require cerbos/cerbos-sdk-php`, create a CerbosClient pointing at your PDP instance, and call checkResources() with the principal, resource, and actions. The SDK handles HTTP communication and response parsing.
Is the PHP SDK compatible with PSR standards?
Yes. The SDK is designed to work with PSR-compatible HTTP clients and can integrate with any PHP framework that follows PSR standards.
Is the PHP SDK open source?
Yes. All Cerbos SDKs are open source and available on GitHub. They are actively maintained and kept up to date with the latest Cerbos PDP features.
Learn more about Cerbos
Related integrations
View all integrations →
Cerbos + PHP
- Authorization check via a single function call in PHP
- Policies evolve independently of application code
- Full audit trail for every authorization decision
- Stateless PDP instances scale horizontally
Authorization for AI systems
By industry
By business requirement
Useful links
What is Cerbos?
Cerbos is an end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.
Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege & maintain full visibility into access decisions with Cerbos authorization.