Skip to main content

Introduction

Laravel Forge provides seamless management of Composer authentication credentials through the “http-basic” configuration in your server or site’s auth.json file. These credentials are securely stored and automatically applied to your Composer operations.

Credential levels

Server-level credentials

Server-level Composer credentials are shared across all sites running under the same Ubuntu user account. For instance, if you have multiple sites deployed under the forge user, they’ll all have access to the same globally stored credentials located at ~/.config/composer/auth.json. To manage server-level credentials, navigate to your server’s dashboard, select the “PHP” tab, then click the “Composer” sidebar item.

Site-level credentials

Site-level credentials apply exclusively to individual sites, providing granular control when different sites require unique authentication for the same packages. This is particularly useful when multiple sites under the same user need different access permissions or licensing. To manage site-level credentials, navigate to your site’s dashboard, select the “Settings” tab, then click the “Composer” sidebar item.

Managing credentials

Adding credentials

To add new Composer credentials, navigate to the appropriate Composer management page and click the “Add credential” button. Complete the required fields and click “Add credential” to save:
  • Repository URL: The URL Composer uses to match credentials with the corresponding package provider
  • Username: Typically an email address or unique identifier required by the package provider
  • Password: The associated password or license key for authentication

Updating credentials

To modify existing credentials, navigate to the appropriate Composer dashboard, locate the credential you want to update, open its dropdown menu, and select “Edit”. Make your changes and save the updated information.

Removing credentials

To delete credentials, navigate to the appropriate Composer dashboard, locate the credential you want to remove, open its dropdown menu, select “Delete”, and confirm the removal when prompted.