Download
Laravel Sanctum provides a featherweight authentication system for SPAs (single-page applications), mobile applications, and simple, token-based APIs. Sanctum allows each user of your application to generate multiple API tokens for their account. These tokens may be granted abilities/scopes that specify which actions the tokens are allowed to perform. Laravel Sanctum exists to solve two separate problems. Let's discuss each before digging deeper into the library. First, Sanctum is a simple package you may use to issue API tokens to your users without the complication of OAuth. This feature is inspired by GitHub and other applications that issue "personal access tokens". For example, imagine the "account settings" of your application has a screen where a user may generate an API token for their account. You may use Sanctum to generate and manage those tokens. These tokens typically have a very long expiration time (years), but may be manually revoked by the user anytime.
Features
- SPA Authentication
- Sanctum does not use tokens of any kind
- Sanctum uses Laravel's built-in cookie based session authentication services
- Sanctum will only attempt to authenticate using cookies when the incoming request originates from your own SPA frontend
- Override Default Models
- Documentation available
- Examples available
Project Samples
