API Authentication using Laravel Sanctum — Laravel 8
For web developers, it’s important for us to authenticates our users via API Request. In Laravel itself, besides its full-stack development, we have many options on how to authenticate the requests. For example, we have the Laravel Passport package to do the authentication and OAuth processes. But, if you don’t want to use the OAuth feature that Passport offers, then the Laravel Sanctum may be a choice for you.
What is Laravel Sanctum?
Laravel Sanctum provides a featherweight authentication system for SPAs (single page applications), mobile applications, and simple, token based APIs (https://laravel.com/docs/8.x/sanctum)
Yes, in Sanctum, we have two options here. The first is the API Token Authentication, and the second is SPA Authentication. There is another authentication such as Mobile Applications, but this authentication has a similar process to API Token Authentication.
So the next question is, what are the differences between the API Token and SPA Authentication? The API Token Authentication uses a Token that your client/front-end must issue first before sent any requests to the server. Your client gets the Token via the /login routes, then every…
