For AI agents and LLMs: a structured documentation index is available at /llms.txt. Every page has a Markdown sibling — append .md to any URL.

Skip to content
Docs

Get started with Paddle in PHP

Install the Paddle PHP SDK, initialize a client, make your first request, and verify webhook signatures.

AI summary

Install the Paddle PHP SDK via Composer, initialize a sandbox client, list products, and verify webhook signatures with the PSR-7-compatible Verifier helper.

  • • The PHP SDK accepts any PSR-7 RequestInterface, so it works with Guzzle, Symfony, and Laravel (Illuminate\Http\Request::toPsrRequest()) without additional adapters.
  • • If you're using Laravel, consider Laravel Cashier Paddle instead — it's maintained by the Laravel team with framework-native conventions for payments and subscriptions.
  • • Always call (new Verifier())->verify($request, $secret) before acting on the payload and return a 400 immediately if verification fails.
Latest: v1.17.1 · 2026-04-30

This quickstart walks through installing the Paddle PHP SDK, initializing a client, making your first read-only API call, and verifying webhook signatures.

Before you begin

You'll need:

Install the SDK

Install paddlehq/paddle-php-sdk with Composer:

Shell
composer require paddlehq/paddle-php-sdk

View the PHP SDK on GitHub

Initialize the client

Create a Client with your API key. Use the SANDBOX environment while you're building.

PHP
use Paddle\SDK\Client;
use Paddle\SDK\Environment;
use Paddle\SDK\Options;


$paddle = new Client(
    apiKey: getenv('PADDLE_API_KEY'),
    options: new Options(Environment::SANDBOX),
);

For production, drop the options argument:

PHP
$paddle = new Client(getenv('PADDLE_API_KEY'));

Make your first request

List products to confirm the client is wired up. The SDK returns an iterable that paginates automatically.

PHP
use Paddle\SDK\Client;
use Paddle\SDK\Environment;
use Paddle\SDK\Options;
use Paddle\SDK\Exceptions\ApiError;


$paddle = new Client(
    apiKey: getenv('PADDLE_API_KEY'),
    options: new Options(Environment::SANDBOX),
);


try {
    $products = $paddle->products->list();
    foreach ($products as $product) {
        echo $product->id . '  ' . $product->name . PHP_EOL;
    }
} catch (ApiError $error) {
    echo 'Paddle API error: ' . $error->getMessage();
}

If your sandbox account is empty, the loop runs zero times. Create a product in the dashboard or via $paddle->products->create() to see results.

4. Verify webhooks

You can use webhooks to keep your app in sync with Paddle. For example, you can provision access when a subscription is created, or revoke access when a subscription is cancelled.

The SDK's Verifier accepts any PSR-7 RequestInterface, like Guzzle, Symfony, Laravel (Illuminate\Http\Request::toPsrRequest()), and most modern PHP HTTP frameworks all support this. Always verify the signature before acting on the payload.

PHP
use GuzzleHttp\Psr7\ServerRequest;
use Paddle\SDK\Entities\Event;
use Paddle\SDK\Notifications\Secret;
use Paddle\SDK\Notifications\Verifier;


$request = ServerRequest::fromGlobals();
$secret = new Secret(getenv('PADDLE_WEBHOOK_SECRET'));


if (!(new Verifier())->verify($request, $secret)) {
    http_response_code(400);
    exit('invalid signature');
}


$event = Event::fromRequest($request);


switch ($event->eventType) {
    case 'transaction.completed':
        // Provision access, send a receipt, etc.
        break;
    case 'subscription.updated':
        // Sync the subscription to your database.
        break;
}


http_response_code(200);
echo 'ok';

For the full webhook setup flow, including creating notification destinations, picking events, and retry behavior, see Verify webhook signatures.

Next steps

Was this page helpful?