Sanctum
API token and SPA authentication
Sanctum provides lightweight authentication for APIs and single-page applications.
Create personal access tokens for users so they can authenticate API requests.
Token creation flow
1
Useralice@example.com
2
createToken()api-token
3
Hash storedpersonal_access_tokens table
4
Plain text returned1|a3kF9x...
PHP
// Create a token
$token = $user->createToken('api-token');
// Access the plain-text value (shown once)
$token->plainTextToken;
// => "1|abc123def456..."
// Use in requests
// Authorization: Bearer 1|abc123def456...