Tutorials>RingCentral Authorization Code Flow OAuth - PHP

In this step-by-step tutorial, you are going to learn how to authorize a user to login RingCentral platform using the authorization code flow. Click the "Start" button below to start the tutorial.

Start Tutorial

Clone and Setup the project

Clone the project from GitHub and install RingCentral PHP SDK and dependencies.

Create a RingCentral app

The first thing we need to do is create an app in the RingCentral Developer Portal.

If you don't know how to create a RingCentral app. Click here for instructions.

Set Environment Variables

Copy the Client id and Client secret and add them to the .env-sandbox file.


If you want to specify variables for your production environment, repeat this step for the .env-production file.

Implement the main page

We create a main page with login options to login a production account or a sandbox account.

Implement the login page

When a user clicks the login link from the mail page, we add the selected environment value to the env query parameter.

To construct the login page, we do the following steps:

  • Check the query $_REQUEST['env'] parameter to identify which environment was selected and load our app credentials accordingly.

  • Save the selected environment to the session so we can use it later.

  • Load the SDK and create an instance of the SDK, passing the app credentials and assign to the $rcsdk variable.

  • Get the $platform instance from the SDK and call the $platform->authUrl() function to generate the $authorize_uri.

  • Create the login page with the $authorize_uri and the $redirect_uri assigned as shown on the codes beside.

The login page is just an empty page with JavaScript codes to launch the pop-up RingCentral login window.

After login successfully, we will close the popup window and launch the test page.

Load the RingCentral PHP SDK

Let's create a file named engine.php to implement the oauth2callback route and handle our test cases later on.

Using a RingCentral SDK is the most convenient way to authenticate and access RingCentral platform services.

We load the the RingCentral SDK and check the selected environment we saved in the session $_SESSION['env']. Then we create an instance of the SDK, passing the app credentials and assign to the $rcsdk variable.

We also get the $platform instance from the SDK because we'll use it later.

Implement the oauth2callback route

We specified the redirect Uri as http://localhost:5000/engine.php?oauth2callback in our app and we passed the redirect_uri in the authentication query. If the redirect URIs match, RingCentral will send a request with the authorization code to this route.

To start login with the authorization code, we read the code sent from RingCentral and use the $platform->login() function to login with parameters set as shown on the codes beside.

If we login successfully, we will save the token info from tokens to a session and send a "login success" message to the caller.

Implement the test page

Let's create a file named test.php add a few test cases and the logout option to the test page.

Implement the test route

To call a RingCentral API using the $platform instance, we do the following steps:

  • Check if the tokens was set in the session. If the tokens does not exist, we redirect to the main page to force a user login again..

  • Call the $platform->auth()->setData() function to set the tokens we saved in the session.

  • Call the $platform->loggedIn() to check if we are still logged in or not. If we are no longer logged in (access token and refresh token expired), we redirect the user to the main page.

  • Check if the user chooses to logout then call the $platform->logout() function to logout and redirect to the main page to force a user login again..

  • Check which API was clicked and call the API accordingly as shown on the codes beside.

Run the demo app

$ php -S localhost:5000

On a Web browser, enter localhost:5000 then choose to login your production or sandbox account.