Skip to content
← All packages

Cbox ID Tokens

A service-to-service OAuth helper for callers of Cbox ID-issued tokens. Sister apps install it to talk to Cbox ID and to each other through ID-issued bearer tokens, with caching built in.

Cbox ID Tokens is the caller half of service auth: a service-to-service OAuth helper for apps that need to obtain and use Cbox ID-issued bearer tokens. Webhooks, vault, and other sister apps install it to talk to the identity server and to each other. It fetches tokens via the client-credentials grant and caches them so you are not minting a new token on every call.

Talk To Services

Client-credentials grant

Obtain ID-issued access tokens with your app client id and secret, ready to attach to outgoing requests.

Cached tokens

Tokens are cached in your app store (Redis recommended) and reused until near expiry, so services are not re-authenticating constantly.

Zero-config discovery

Auto-registers via Laravel package discovery. Point it at the token endpoint and set the client credentials in config.

Pairs with JWKS Auth

Use it alongside Cbox ID JWKS Auth when an app both mints tokens to call others and validates the tokens it receives.