Skip to main content

Login Widget

Mr. AnonymousLess than 1 minute

We verify the authentication and integrity of the received data by comparing the received hash parameter to the hexadecimal representation of the HMAC-SHA-256 signature of the data validation string with the SHA256 hash of the bot token used as the secret key. Details hereopen in new window

🚀 A complete code example is available at this page



$user = $bot->validateLoginWidget(
  user: [
      'auth_date' => 1679130118,
      'first_name' => 'Сергій',
      // other fields
  throw: true

💡 Upon successful validation, the method will return all existing user data that can be used on your server.



  • Type: array
  • Required: Yes

An array of raw user data returned by the authorization widget.

Additional Informationopen in new window


  • Type: bool
  • Required: No
  • Default: null. Default settings apply

If set to true, the library will throw an exception if validation fails.


Be sure to use try/catch if you plan to handle exceptions 😉

If exceptions are enabled, you will get a [ValidationException] exception after a validation failure(../exception/ Otherwise, false will be returned.