Secrets Manager PHP SDK
The PHP language wrapper for interacting with the Bitwarden Secrets Manager. The SDK, like the Secrets Manager CLI built on-top of it, can be used to execute the following operations:
Authenticate using an access token.
Perform commands for secret and project including:
list,create,updateanddelete.
note
This SDK is a beta release. Therefore, some functionality may be missing.
Setting up a Secrets Manager account prior to using the PHP SDK is recommended. This includes:
Enabling the Secrets Manager CLI.
Setting up machine accounts.
Setting up access tokens.
PHP version 8.0 or newer
Composer
Bitwarden C libraries. Generate using the BitwardenSDK and following instructions in the readme (requires Rust).
note
If you are not using the standalone version of this library, the files will be placed in the
target/debugfolder of the BitwardenSDK repository.
Locate the PHP GitHub repository here.
Initialize BitwardenSettings by passing in api_url and identity_url. Bitwarden will use defaults https://api.bitwarden.com and https://identity.bitwarden.com for api_url and identity_url respectively.
Bash$access_token = '<your token here>';
$api_url = "<api url>";
$identity_url = "<identity url>";
$organization_id = "<your organization id here>";
$bitwarden_settings = new \Bitwarden\Sdk\BitwardenSettings($api_url, $identity_url);
$bitwarden_client = new \Bitwarden\Sdk\BitwardenClient($bitwarden_settings);
$bitwarden_client->access_token_login($access_token);After successful authorization, you can interact with the client to manage projects and secrets.
Bash$bitwarden_client = new \Bitwarden\Sdk\BitwardenClient($bitwarden_settings);
$res = $bitwarden_client->access_token_login($access_token);Once the Bitwarden client has been created and authorized, Secrets Manager commands can be passed into the client.
The project command is used to access, manipulate, and create projects. The scope of access assigned to your machine account will determine what actions can be completed with the project command.
create project
Bash$name = "PHP project"
$res = $bitwarden_client->projects->create($name, $organization_id);
$project_id = $res->id;get project
Bash$res = $bitwarden_client->projects->get($project_id);list projects
Bash$res = $bitwarden_client->projects->list($organization_id);update projects
Bash$name = "Updated PHP project"
$res = $bitwarden_client->projects->put($project_id, $name, $organization_id);delete project
Bash$res = $bitwarden_client->projects->delete([$project_id]);The secret command is used to access, manipulate and create secrets. As with all commands, secrets and projects outside your access token's scope of access cannot be read or written-to.
create secret
Bash$key = "AWS secret key";
$note = "Private account";
$value = "76asaj,Is_)"
$res = $bitwarden_client->secrets->create ($key, $note, $organization_id, [$project_id], $secret);
$secret_id = $res->id;get secret
Bash$res = $bitwarden_client->secrets->get($secret_id);get multiple secrets
Bash$res = $bitwarden_client->secrets->get_by_ids([$secret_id]);list secret
Bash$res = $bitwarden_client->secrets->list($organization_id);update secret
Bash$note = "Updated account";
$key = "AWS private updated"
$value = "7uYTE,:Aer"
$res = $bitwarden_client->secrets->update ($secret_id, $key, $note, $organization_id, [$project_id], $secret);delete secret
Bash$res = $bitwarden_client->secrets->delete([$secret_id]);Suggest changes to this page
How can we improve this page for you?
For technical, billing, and product questions, please contact support