Cbox ID Tokens
A service-to-service OAuth helper for callers of Cbox ID-issued tokens. Sister apps install it to talk to Cbox ID and to each other through ID-issued bearer tokens, with caching built in.
Cbox ID Tokens is the caller half of service auth: a service-to-service OAuth helper for apps that need to obtain and use Cbox ID-issued bearer tokens. Webhooks, vault, and other sister apps install it to talk to the identity server and to each other. It fetches tokens via the client-credentials grant and caches them so you are not minting a new token on every call.
Talk To Services
Client-credentials grant
Obtain ID-issued access tokens with your app client id and secret, ready to attach to outgoing requests.
Cached tokens
Tokens are cached in your app store (Redis recommended) and reused until near expiry, so services are not re-authenticating constantly.
Zero-config discovery
Auto-registers via Laravel package discovery. Point it at the token endpoint and set the client credentials in config.
Pairs with JWKS Auth
Use it alongside Cbox ID JWKS Auth when an app both mints tokens to call others and validates the tokens it receives.