Nexus API Reference

Principal

Tags
psalm-api

The "who" of an authenticated request. Set by AuthenticationMiddleware onto the PSR-7 request attribute "principal"; read by handlers via #[FromPrincipal] or $req->getAttribute('principal').

Implementations should be immutable readonly value objects. The default SimplePrincipal covers 90% of cases; custom implementations let you carry domain-specific identity (user objects, tenant ids, etc).

Table of Contents

Methods

claims()  : array<string, mixed>
hasRole()  : bool
hasScope()  : bool
id()  : string
Stable identifier for the principal — used for logging, audit, MDC.
roles()  : array<int, string>
scopes()  : array<int, string>

Methods

claims()

public claims() : array<string, mixed>
Return values
array<string, mixed>

hasRole()

public hasRole(string $role) : bool
Parameters
$role : string
Return values
bool

hasScope()

public hasScope(string $scope) : bool
Parameters
$scope : string
Return values
bool

id()

Stable identifier for the principal — used for logging, audit, MDC.

public id() : string

Typically a user id, service account name, or "anonymous".

Return values
string

roles()

public roles() : array<int, string>
Return values
array<int, string>

scopes()

public scopes() : array<int, string>
Return values
array<int, string>

        
On this page

Search results