# How to use private repositories with Composer

# composer.json syntax

    "name": "your/package",
    "license": "proprietary",
    "type": "project",
    "description": "How to load an external private Composer package.",
    "require": {
        "your/private_package": "*"
    "repositories": [
            "type": "vcs",
            "url": "https://example.com/Your/private-package.git"

# Parameters

Parameters Details
repositories Tells Composer where it can download the required packages.
type: vcs Tells Composer how to treat the repository.
url: http://... Tells Composer where is the repository.

# Remarks

Use the type: "vcs" syntax to use private repositories (opens new window).

To manage access to the private repository while developing on a local machine, use an auth.json file (opens new window) and don't commit it in you project repository. Instead, give access to each single developer to the private repository so, using each one his/her own NOT COMMITTED auth.json file, they can fetch the remote repository with composer install or composer update.

Tip: Put the auth.json file in the .gitignore file of your git repository.

If you are using a continuous integration system, use the COMPOSER_AUTH (opens new window) environment variable.