Todo App
Build with AI Agent
PHP Template

Todo App Backend Template
PHP — Schema, API & AI Guide

A production-ready PHP Todo backend schema and Starter Kit on Back4app: ER diagram, data dictionary, JSON schema, API playground, code examples, and a one-click AI Agent prompt to deploy in minutes.

Build with AI Agent

Key Takeaways

On this page you get a production-ready schema, a one-click AI prompt, and step-by-step PHP code — so you can ship a Todo app without building the backend.

  1. Deploy in minutespaste the AI Agent prompt and get a running app with frontend, backend, and database.
  2. Secure by defaultrow-level ACLs ensure each user only sees their own todos.
  3. PHP-native SDKtyped objects, async/await, offline pinning, and Live Queries out of the box.
  4. REST + GraphQLboth APIs are auto-generated; no custom endpoints to write.
  5. Two classes_User (built-in auth) and Todo (tasks with title, done, dueDate, priority, owner).

What Is the PHP Todo App Backend Template?

Back4app is a backend-as-a-service (BaaS) ideal for Todo apps: managed backend, auth, real-time, and SDKs for 13+ technologies. The PHP Todo App Backend Template is a pre-built, production-ready backend schema hosted on Back4app. It gives you two database classes (_User and Todo), ownership-based ACLs, REST and GraphQL APIs, and a one-click AI Agent prompt — so you can connect a PHP frontend and ship a working Todo app in minutes instead of days.

Best for:

App developersRapid prototypingHackathonsLearning backend developmentMVP launchesTeams choosing a BaaS instead of a custom backend

Overview

A Todo app is one of the most common starting points for learning backend development. Under the hood it needs user registration, task CRUD, ownership-based access control, and optionally real-time sync.

The schema below defines two classes — _User (built-in) and Todo — connected by a Pointer. With the Back4app PHP SDK, you can interact with this backend from your app — querying, creating, updating, and deleting objects — without writing a custom API layer.

Why Build Your PHP Todo Backend with Back4app?

Back4app gives PHP apps a ready backend so you can focus on Laravel or your existing stack.

  • REST integration: Use Guzzle or cURL to call Back4app REST endpoints; PSR-style code and type hints keep requests clear.
  • No database migrations: Schema lives on Back4app; add fields from the dashboard or API without touching your PHP schema layer.
  • Deployment flexibility: Run your PHP app on any host; Back4app handles auth, storage, and real-time so you deploy faster.

Ideal for Laravel or standalone PHP projects that need a managed backend.

Core Benefits

A production-ready Todo backend so you can ship faster and focus on your app.

Ship Faster, No Backend Code

REST & GraphQL APIs and a ready-to-use schema — connect your app and go.

Secure by Default

ACLs and class-level permissions so users only access their own data.

Real-Time Updates

Live Queries over WebSockets for instant UI updates.

Built-In Auth

User sign-up, login, and session handling out of the box — no custom auth layer.

Works Offline

Local pinning keeps data available offline and syncs when you reconnect.

Deploy in Minutes

Use the AI Agent to create and deploy your Todo app from this template.

Ready to try it?

Let the Back4app AI Agent create your Todo app backend, connect the PHP frontend, and deploy — all from a single prompt.

Build with AI AgentTry the API Playground

Free to start — 50 AI Agent prompts/month, no credit card required

Technical Stack

Everything powering this Todo app template at a glance.

Frontend
PHP
Backend
Back4app
Database
MongoDB
Auth
Auth & Access Control
APIs
REST & GraphQL
Deployment
AI Agent / Dashboard

ER Diagram

Entity-Relationship diagram for the PHP Todo app data model.

View diagram source
Mermaid
erDiagram
    _User {
        String objectId PK
        String username
        String email
        String password
        Date createdAt
        Date updatedAt
    }

    Todo {
        String objectId PK
        String title
        Boolean done
        Date dueDate
        Number priority
        Pointer owner FK
        Date createdAt
        Date updatedAt
    }

    _User ||--o{ Todo : "owns"

Integration Flow

Auth-to-CRUD sequence: how your PHP app talks to Back4app — login, then query and create todos.

View diagram source
Mermaid
sequenceDiagram
  participant User
  participant App as PHP App
  participant Back4app as Back4app REST API

  User->>App: Login
  App->>Back4app: POST /login (username, password)
  Back4app-->>App: sessionToken
  App-->>User: Logged in

  User->>App: Load todos
  App->>Back4app: GET /classes/Todo (X-Parse-Session-Token)
  Back4app-->>App: results[]
  App-->>User: Show list

  User->>App: Create todo
  App->>Back4app: POST /classes/Todo
  Back4app-->>App: objectId, createdAt
  App-->>User: Updated list

Data Dictionary

Complete field reference for every class in the schema.

FieldTypeDescriptionRequired
objectIdStringAuto-generated unique identifierauto
titleStringShort description of the task
doneBooleanWhether the task is completed
dueDateDateOptional deadline for the task
priorityNumberPriority level (1 = high, 3 = low)
ownerPointer<_User>User who owns this task
createdAtDateAuto-generated creation timestampauto
updatedAtDateAuto-generated last-update timestampauto

8 fields in Todo

Security & Permissions

How ownership, ACLs, and class-level permissions protect data in this schema.

Row-Level ACLs

Each Todo gets an ACL tied to its owner. Only the creator can read, update, or delete their own tasks.

Class-Level Permissions

CLPs restrict which roles or users can create, read, update, or delete objects at the class level — your first line of defense.

Pointer-Based Ownership

The owner Pointer links each Todo to its _User. Cloud Code triggers can auto-set ownership and enforce ACLs on save.

Schema (JSON)

Raw JSON schema definition — copy and use in your Back4app app or import via the API.

JSON
{
  "classes": [
    {
      "className": "Todo",
      "fields": {
        "objectId": {
          "type": "String",
          "required": false
        },
        "title": {
          "type": "String",
          "required": true
        },
        "done": {
          "type": "Boolean",
          "required": false,
          "defaultValue": false
        },
        "dueDate": {
          "type": "Date",
          "required": false
        },
        "priority": {
          "type": "Number",
          "required": false,
          "defaultValue": 3
        },
        "owner": {
          "type": "Pointer",
          "targetClass": "_User",
          "required": false
        },
        "createdAt": {
          "type": "Date",
          "required": false
        },
        "updatedAt": {
          "type": "Date",
          "required": false
        }
      }
    },
    {
      "className": "_User",
      "fields": {
        "objectId": {
          "type": "String",
          "required": false
        },
        "username": {
          "type": "String",
          "required": true
        },
        "email": {
          "type": "String",
          "required": true
        },
        "password": {
          "type": "String",
          "required": true
        },
        "createdAt": {
          "type": "Date",
          "required": false
        },
        "updatedAt": {
          "type": "Date",
          "required": false
        }
      }
    }
  ]
}

Build with AI Agent

Use the Back4App AI Agent to build a real Todo app from this template: it will create the frontend, the backend (this schema, auth, and APIs), and deploy it — no manual setup. The prompt below describes this Todo stack so the Agent can generate a production-ready app in one go.

Back4app AI Agent
Ready to build
Create a Todo app on Back4app with this exact schema and behavior.

Schema:
1. _User (use Back4app built-in): username (String, required), email (String, required), password (String, required); objectId, createdAt, updatedAt (system).
2. Todo: title (String, required), done (Boolean, default: false), dueDate (Date, optional), priority (Number, default: 3; 1=high, 2=medium, 3=low), owner (Pointer to _User; set to current user on create); objectId, createdAt, updatedAt (system).

Security:
- Set ACLs on every Todo so only the owner has read and write. No public read/write.
- On create, set Todo.owner to the current user (e.g. via Cloud Code beforeSave or client-side).
- Use Class-Level Permissions so only authenticated users can create/read/update/delete Todo.

Auth:
- Sign-up (username, email, password) and login; support logout/session.
- After login, the app should only show and allow CRUD for the current user's todos.

Behavior:
- Full CRUD for Todo: create, list (only owner's), get one, update (toggle done, edit title, dueDate, priority), delete.
- List todos with sort (e.g. by priority then dueDate or createdAt). Default priority for new todos: 3 (low).

Deliver:
- Create the Back4app app with the schema above, ACLs, and any Cloud Code needed (e.g. beforeSave on Todo to set owner).
- Generate the frontend and connect it to this backend; deploy so the app is runnable end-to-end.

Press the button below to open the Agent with this template's prompt pre-filled.

Deploy in minutes50 free prompts / monthNo credit card required

API Playground

Try the REST and GraphQL endpoints for the Todo schema. Responses from the example data above — no Back4app account needed.

Loading playground…

Uses the same Todo schema as this template.

Step-by-Step PHP Integration

Connect to your Back4app backend from a PHP app using the Back4app PHP SDK.

  1. Step 1: Install Back4app PHP SDK

    Add the Back4app SDK for your stack (e.g. npm, pubspec, or package manager).

    PHP
    composer require guzzlehttp/guzzle

  2. Step 2: Initialize Back4app in your app

    Initialize the Back4app SDK at app startup with your App ID and server URL.

    PHP
    // Initialize (e.g. bootstrap or config)
$baseUrl = 'https://parseapi.back4app.com';
$appId = getenv('PARSE_APP_ID');
$restKey = getenv('PARSE_REST_KEY');
$sessionToken = null; // set after login

  3. Step 3: Query all todos

    Use the SDK to fetch all Todo objects, sorted by priority.

    PHP
    // GET /classes/Todo
function getTodos(string $baseUrl, string $appId, string $restKey, ?string $sessionToken): array {
    $client = new \GuzzleHttp\Client();
    $headers = [
        'X-Parse-Application-Id' => $appId,
        'X-Parse-REST-API-Key'   => $restKey,
        'Content-Type' => 'application/json',
    ];
    if ($sessionToken) $headers['X-Parse-Session-Token'] = $sessionToken;
    $res = $client->get($baseUrl . '/classes/Todo?order=priority', ['headers' => $headers]);
    $body = json_decode($res->getBody()->getContents(), true);
    return $body['results'] ?? [];
}

  4. Step 4: Create a todo

    Create a new Todo with title, done, and priority, then save.

    PHP
    // POST /classes/Todo
function createTodo(string $baseUrl, string $appId, string $restKey, string $sessionToken, string $title, int $priority = 3): array {
    $client = new \GuzzleHttp\Client();
    $res = $client->post($baseUrl . '/classes/Todo', [
        'headers' => [
            'X-Parse-Application-Id' => $appId,
            'X-Parse-REST-API-Key'   => $restKey,
            'X-Parse-Session-Token'  => $sessionToken,
            'Content-Type' => 'application/json',
        ],
        'json' => ['title' => $title, 'done' => false, 'priority' => $priority],
    ]);
    return json_decode($res->getBody()->getContents(), true);
}

  5. Step 5: Update and delete todos

    Update fields and save, or delete the object.

    PHP
    // PUT /classes/Todo/{objectId} — mark done
// DELETE /classes/Todo/{objectId}
function markDone(string $baseUrl, string $appId, string $restKey, string $sessionToken, string $objectId): void {
    $client = new \GuzzleHttp\Client();
    $client->put($baseUrl . '/classes/Todo/' . $objectId, [
        'headers' => [
            'X-Parse-Application-Id' => $appId,
            'X-Parse-REST-API-Key'   => $restKey,
            'X-Parse-Session-Token'  => $sessionToken,
            'Content-Type' => 'application/json',
        ],
        'json' => ['done' => true],
    ]);
}

Frequently Asked Questions

Common questions about the Todo app backend template.

What is Back4app?
Why use Back4app for a PHP Todo app?
What is the Todo class when using PHP with Back4app?
How do I pass the session token from PHP?
Can I add fields to Todo from my PHP app?
How do I query todos by priority in PHP?
Is real-time sync available for PHP?
How do I add categories or tags in PHP?

Trusted by developers worldwide

Join the community building the future of apps

G2 Users Love Us Badge

Ready to Build Your Todo App?

Start your PHP project in minutes. No credit card required.

Build with AI Agent