Contract PHP Developer - Authentication & Identity (OAuth/OIDC)

Contract PHP Developer - Authentication & Identity (OAuth/OIDC)

Location: Remote Working Duration: 2-3 months (extension likely)IR35 Status: Outside IR35

A high-growth digital platform is undertaking a critical modernisation of its authentication and identity layer and is seeking an experienced Contract PHP Developer to lead delivery. You will play a key role in transitioning a live production system from a legacy session-based model to a modern OAuth2/OIDC-based architecture, leveraging a third-party identity provider. This is a hands-on, high-impact contract within an active customer environment requiring a pragmatic, security-first approach with minimal disruption to users.

Key Responsibilities

• Design and implement a robust OAuth2/OIDC authentication solution using a third-party provider (e.g. Auth0, Descope, Okta, Cognito).
• Integrate authentication into an existing Laravel backend and Vue.js frontend
• Design and implement token flows for:
• User authentication (browser + API)
• Machine-to-machine integrations (client credentials)
• Implement secure token validation and propagation across services
• Define and implement Role-Based Access Control (RBAC) aligned to product needs
• Lead the migration strategy from session-based auth to token-based auth (e.g. phased rollout, account linking, forced re-authentication)
• Integrate with API Gateway for request validation and routing
• Deliver federated identity solutions (OIDC/SAML), enabling partner authentication and identity linking
• Collaborate with internal stakeholders to ensure solutions are secure, scalable, and maintainable

Essential Experience

• Proven experience delivering OAuth2 and OIDC implementations in production environments
• Hands-on experience with leading identity providers (Auth0, Okta, Cognito, Descope, etc.), including Infrastructure as Code configuration
• Strong experience designing end-to-end authentication architectures
• Demonstrated experience migrating legacy authentication systems (sessions tokens)
• Strong backend engineering experience with Laravel or similar PHP frameworks
• Experience integrating authentication into SSR frontends (Vue.js preferred)
• Solid understanding of RBAC, token security, validation, signing, and trade-offs

Desirable Skills

• Experience working with API Gateways (ideally GCP API Gateway)
• Experience implementing machine-to-machine authentication flows
• Knowledge of federated identity (OIDC/SAML, external IdPs)
• Experience within regulated industries
• Experience designing authentication for partner or external developer ecosystems

If you're an experienced contract PHP developer with proven experience modernising authentication and identity layers and looking for a role with high autonomy and ownership of delivery, please apply to the role for immediate consideration

Spectrum IT Recruitment (South) Limited is acting as an Employment Business in relation to this vacancy.