Paseto (pɔːsɛtəʊ, paw-set-oh) is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards.

This library is a reference implementation of PASETO in the PHP language. Please refer to the PASETO Specification for design considerations.

See the documentation.

The PASETO specification may also be useful for understanding why things are designed the way they are.

For key wrapping, serialization, and canonical identification, please see the PHP implementation of PASERK.

If you're not sure what that means, please refer to the PASERK specification.

Since PASERK is a PASETO extension, PASERK support is not automatically included with PASETO, but PASETO is bundled with PASERK.

• Requires PHP 8.1 or newer.
• For v3 tokens, the GMP and OpenSSL extensions are required.
• For v4 tokens, the Sodium extension is strongly recommended (but this library will use sodium_compat if it's not).
• PASETO Protocol versions: v3, v4

• Requires PHP 7.1 or newer.
• For v3 tokens, the GMP and OpenSSL extensions are required.
• For v4 tokens, the Sodium extension is strongly recommended (but this library will use sodium_compat if it's not).
• PASETO Protocol versions: v1, v2, v3, v4

• Requires PHP 7.0 or newer.
• For v1 tokens, the OpenSSL extension is required.
• For v2 tokens, the Sodium extension is strongly recommended (but this library will use sodium_compat if it's not).
• PASETO Protocol versions: v1, v2

If your company uses this library in their products or services, you may be interested in purchasing a support contract from Paragon Initiative Enterprises.