Stellar PHP SDK API Documentation

SubmitCompletedChallengeResponse extends Response
in package

Response from the SEP-10 token endpoint after submitting a signed challenge transaction.

This response is returned by the authentication server when a client submits the signed challenge transaction (POST to the auth endpoint). A successful response contains a JWT token that can be used to authenticate subsequent requests to protected services.

Structure: The response can contain either:

  • 'token': A JWT token string on successful authentication (HTTP 200)
  • 'error': An error message string on authentication failure (HTTP 400)

JWT Token Format: The token contains standard JWT claims including:

  • 'sub': The authenticated account (G... or M... address, optionally with :memo suffix)
  • 'iss': The token issuer (authentication server URL)
  • 'iat': Token issued at timestamp
  • 'exp': Token expiration timestamp (typically 15 minutes to 24 hours)
  • 'client_domain': Optional, present if client domain verification was performed

Usage: On success, extract the JWT token and use it as a Bearer token in the Authorization header for subsequent requests to SEP-24, SEP-31, SEP-12, or other authenticated endpoints. The token should be stored securely and refreshed when it expires.

On error, the error field contains a human-readable description of why authentication failed, such as insufficient signatures, invalid signatures, or server policy violations.

Tags
see
https://github.com/stellar/stellar-protocol/blob/v3.4.1/ecosystem/sep-0010.md#token

SEP-10 Token Response

see
WebAuth::jwtToken()

For the complete authentication flow

Table of Contents

Properties

$httpClient  : Client|null
$rateLimitLimit  : int|null
$rateLimitRemaining  : int|null
$rateLimitReset  : int|null

Methods

fromJson()  : SubmitCompletedChallengeResponse
getError()  : string|null
getHttpClient()  : Client|null
Gets the HTTP client used for pagination requests
getJwtToken()  : string|null
getRateLimitLimit()  : int|null
Returns X-RateLimit-Limit header from the response.
getRateLimitRemaining()  : int|null
Returns X-RateLimit-Remaining header from the response.
getRateLimitReset()  : int|null
Returns X-RateLimit-Reset header from the response. Seconds until a new window starts.
setError()  : void
setHeaders()  : void
Extracts and sets rate limiting information from HTTP response headers
setHttpClient()  : void
Sets the HTTP client for making follow-up requests
setJwtToken()  : void
loadFromJson()  : void
Loads response data from a JSON array

Properties

$httpClient

protected Client|null $httpClient = null

$rateLimitLimit

protected int|null $rateLimitLimit = null

$rateLimitRemaining

protected int|null $rateLimitRemaining = null

$rateLimitReset

protected int|null $rateLimitReset = null

Methods

getHttpClient()

Gets the HTTP client used for pagination requests

public getHttpClient() : Client|null
Return values
Client|null

The HTTP client instance, or null if not set

getRateLimitLimit()

Returns X-RateLimit-Limit header from the response.

public getRateLimitLimit() : int|null

This number represents the he maximum number of requests that the current client can make in one hour.

Tags
see
https://developers.stellar.org

Stellar developer docs Rate limiting documentation

Return values
int|null

getRateLimitRemaining()

Returns X-RateLimit-Remaining header from the response.

public getRateLimitRemaining() : int|null

The number of remaining requests for the current window.

Tags
see
https://developers.stellar.org

Stellar developer docs Rate limiting documentation

Return values
int|null

getRateLimitReset()

Returns X-RateLimit-Reset header from the response. Seconds until a new window starts.

public getRateLimitReset() : int|null
Tags
see
https://developers.stellar.org

Stellar developer docs Rate limiting documentation

Return values
int|null

setHeaders()

Extracts and sets rate limiting information from HTTP response headers

public setHeaders(array<string|int, mixed> $headers) : void

This method processes the X-Ratelimit-* headers from the HTTP response and stores them for client access.

Parameters
$headers : array<string|int, mixed>

Associative array of HTTP headers from the response

setHttpClient()

Sets the HTTP client for making follow-up requests

public setHttpClient([Client|null $httpClient = null ]) : void

Paginated responses contain links to next/previous pages. This HTTP client is used when following those links to fetch additional pages.

Parameters
$httpClient : Client|null = null

The Guzzle HTTP client to use for pagination

loadFromJson()

Loads response data from a JSON array

protected loadFromJson(array<string|int, mixed> $json) : void

This method is used internally to populate response objects from parsed JSON. Subclasses override this to extract their specific data fields.

Parameters
$json : array<string|int, mixed>

Associative array of parsed JSON data


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results