APIs in PHP from Basic to Advanced

Use REST APIs from PHP, and create your own RESTful API using plain PHP, with API key and JWT token authentication
APIs in PHP from Basic to Advanced
File Size :
1.56 GB
Total length :
5h 11m



Dave Hollingworth


Last update




APIs in PHP from Basic to Advanced

What you’ll learn

Understand how APIs work
Learn how to use an API from PHP
Create an API from scratch in plain PHP
Create, Read, Update, Delete (CRUD) using an API
Understand what REST and RESTful APIs are
Create a RESTful API in PHP
Understand how different API authentication mechanisms work
Create API-key authentication for your API
Understand how JSON web tokens (JWTs) work, the advantages and disadvantages, and why we use them
Understand how HTTP requests and responses work

APIs in PHP from Basic to Advanced


You need to know PHP, including the basics of classes and objects, and how to work with a database
You need to be happy using the command line, although full instruction on what commands to use will be given
Ideally have a web server with PHP and Composer installed, but a brief overview of installing these will be covered


An API is a way for a program to interact with another program. By using third-party APIs from your code, you can utilise functionality developed elsewhere. By creating an API to access your own data, other programs can take advantage of your services in a secure and easy fashion.Learn how to Use and Create Secure and Scalable APIs in PHP in this Comprehensive Course.Understand how APIs workLearn how to use an API from PHPUnderstand how HTTP requests and responses workUnderstand what REST and RESTful APIs areCreate a RESTful API from scratch, using plain PHP and MySQLUnderstand how API authentication worksAdd API key authentication to your APIUnderstand how JSON Web Tokens (JWTs) workAdd JWT access token authentication to your APIThe essential skills required to use and develop APIs with PHP.Unless you create every component of your application from scratch, your code will need to interact with external services – for example a payment gateway, or currency data. To use such services, you need to consume their APIs. On this course you’ll learn how to do this from PHP, and also how to create an API so that external programs can interact with your application.Content and OverviewThis course is designed for the PHP developer who wants to learn in depth how to use APIs from their code. I designed the course to be easily understood by PHP developers who have no previous experience of using APIs, and who want to develop full, secure APIs quickly and easily. Learning the techniques on this course will enable you to create APIs that are secure, robust and that comply with industry standards.Suitable for all PHP developers, you’ll start by learning the basics of how APIs work.You’ll learn various techniques for consuming APIs from PHP, along with their advantages and disadvantages.We’ll build a full API from scratch, with each concept explained in detail at every stage.You’ll learn what REST and what RESTful APIs are, why we use them, and how to make your API RESTful.Throughout the course, we’ll build code that you can reuse in all your projects.All the source code developed in the lectures is available to download.All the time we’ll adhere to industry standards and best practices.Each section has short, self-contained lectures that you can go back to reinforce specific concepts if you need to.When you complete the course you’ll be able to use APIs in your PHP applications to leverage third-party components and services. You’ll also be able to create your own API, using various authentication techniques depending on the type of API you want to create.Complete with all the code shown in the lectures, you’ll be able to work alongside the instructor and will receive a verifiable certificate of completion upon finishing the course.Also, at all times throughout the course you have access to the instructor in the Q&A section to ask for help with any topic related to the course.Enrol now and become a master of APIs in PHP!


Section 1: Introduction: how to use the course and software installation

Lecture 1 Introduction and welcome: how to get the most out of the course

Lecture 2 Install a package with a web server, PHP, a database server and phpMyAdmin

Lecture 3 Install Composer: manage third-party packages and autoload class files

Section 2: API basics: what APIs are and how to use them

Lecture 4 What is an API?

Lecture 5 Make an API call: access an API from PHP

Lecture 6 Decode API results: reading JSON in PHP

Lecture 7 Use API data in a web application

Section 3: HTTP basics: requests, responses and using cURL

Lecture 8 Use cURL instead of file_get_contents to make an API request

Lecture 9 Response codes: get the HTTP status code

Lecture 10 Request headers: add meta data about the request

Lecture 11 Response headers: read meta data about the response

Lecture 12 Get all individual response headers in an array

Lecture 13 Use an API that requires a specific request header

Lecture 14 Request method: change the method to get a different result with the same URL

Lecture 15 Request body: add a payload to send data along with the request

Section 4: REST and RESTful APIs: using them from PHP

Lecture 16 REST and RESTful APIs: what are they?

Lecture 17 Access a RESTful API in PHP with cURL

Lecture 18 Use the Guzzle HTTP client for object-oriented API code

Lecture 19 Use an SDK: compare the Stripe API to its SDK

Section 5: Create a RESTful API: build a framework for serving the API

Lecture 20 Start writing the API: enable URL rewriting

Lecture 21 The front controller: get the resource, ID and the request method

Lecture 22 Use a client for API development: cURL, Postman or HTTPie

Lecture 23 Set the HTTP status code: best practices

Lecture 24 Add a controller class to decide the response

Lecture 25 Use Composer’s autoloader to load classes automatically

Lecture 26 Make debugging easier: add type declarations and enable strict type checking

Lecture 27 Always return JSON: add a generic exception handler and JSON Content-Type header

Lecture 28 Send a 405 status code and Allow header for invalid request methods

Section 6: Create a RESTful API: create a database and retrieve data from it

Lecture 29 Create a new database and a database user to access it

Lecture 30 Create a table to store resource data

Lecture 31 Connect to the database from PHP: add a Database class

Lecture 32 Move the database connection data to a separate .env file

Lecture 33 Create a table data gateway class for the resource table

Lecture 34 Show a list of all records

Lecture 35 Configure PDO to prevent numeric values from being converted to strings

Lecture 36 Convert database booleans to boolean literals in the JSON

Lecture 37 Show an individual record

Lecture 38 Respond with 404 if the resource with the specified ID is not found

Section 7: Create a RESTful API: create, update and delete individual resources

Lecture 39 Get the data from the request as JSON

Lecture 40 Insert a record into the database and respond with a 201 status code

Lecture 41 Add a generic error handler to output warnings as JSON

Lecture 42 Validate the data and respond with a 422 status code if invalid

Lecture 43 Conditionally validate the data when updating an existing record

Lecture 44 Get the data from the request for updating an existing record

Lecture 45 Update the record in the database and return a 200 status code

Lecture 46 Delete the record in the database and return a 200 status code

Section 8: API key authentication

Lecture 47 Create a table to store user account data

Lecture 48 Add a register page to insert a new user record and generate a new API key

Lecture 49 Send the API key with the request: query string or request header

Lecture 50 Check the API key is present in the request and return 400 if not

Lecture 51 Create a table data gateway class for the user table

Lecture 52 Authenticate the API key and return a 401 status code if invalid

Lecture 53 Refactor the front controller to a bootstrap file and Auth class

Lecture 54 Add a foreign key relationship to link task records to user records

Lecture 55 Retrieve the ID of the authenticated user when authenticating

Lecture 56 Restrict the tasks index endpoint to only show the authenticated user’s tasks

Lecture 57 Restrict the rest of the task endpoints to the authenticated user’s tasks

Lecture 58 Cache the database connection to avoid multiple connections in the same request

Section 9: An introduction to authentication using access tokens

Lecture 59 An introduction to authentication using access tokens

Lecture 60 Create the login script and return 400 if the username and password are missing

Lecture 61 Select the user record based on the username in the request

Lecture 62 Check the username and password and return a 401 status code if invalid

Lecture 63 Generate an encoded access token containing the user details

Lecture 64 Pass the access token to the task API endpoints in the authorization header

Lecture 65 Validate the access token and decode its contents

Lecture 66 Get the authenticated user data from the access token

Section 10: Authentication using JSON Web Tokens (JWTs)

Lecture 67 An introduction to JSON web tokens (JWTs)

Lecture 68 Create a class to encode a payload in a JWT

Lecture 69 Generate a JWT access token in the login endpoint containing JWT claims

Lecture 70 Add a method to decode the payload from the JWT

Lecture 71 Pass in the secret key used for hashing as a dependency

Lecture 72 Authenticate the task endpoints using the JWT

Lecture 73 Use a custom exception class to return 401 if the signature is invalid

Lecture 74 Don’t store sensitive data in the JWT

Section 11: Expiring and refreshing access tokens

Lecture 75 Why access tokens need to expire and how to refresh them in a user-friendly way

Lecture 76 Add an expiry claim to the access token payload when logging in

Lecture 77 Throw a custom exception to not accept the JWT if it has expired

Lecture 78 Issue a refresh token in addition to the access token when logging in

Lecture 79 Add a refresh endpoint and validate the refresh token in the request

Lecture 80 Validate the user in the refresh token using the database

Lecture 81 Issue a new access token and refresh token to the authenticated user

Lecture 82 Create a table to store a refresh token whitelist

Lecture 83 Store the refresh token in the whitelist when issued in the login endpoint

Lecture 84 Replace the refresh token in the whitelist when issued in the refresh endpoint

Lecture 85 Validate the refresh token is on the whitelist and return a 400 response if not

Lecture 86 Add a logout endpoint to remove the an active refresh token from the whitelist

Lecture 87 Add a script to clear out expired refresh tokens from the whitelist

Lecture 88 See how a single-page application interacts with the API using access tokens

Section 12: Conclusion

Lecture 89 Conclusion & where to go from here

PHP developers of all levels who want to learn how to use third-party APIs in their code,PHP developers of all levels who want to create their own APIs,Experienced PHP API developers who want to add authentication to their APIs

Course Information:

Udemy | English | 5h 11m | 1.56 GB
Created by: Dave Hollingworth

You Can See More Courses in the Developer >> Greetings from CourseDown.com

New Courses

Scroll to Top