🔴 Laravel Intermediate

What is Laravel Sanctum?

Answer

Laravel Sanctum is a lightweight authentication system for SPAs (Single Page Applications), mobile applications, and simple token-based APIs. Install: composer require laravel/sanctum. It provides two authentication mechanisms: API tokens (issue long-lived tokens with specific abilities: $user->createToken("mobile-app", ["read"])->plainTextToken) and SPA authentication (cookie-based session authentication for same-domain SPAs, combining CSRF protection with session auth). Validate ability: $request->user()->tokenCan("read"). Revoke tokens: $user->tokens()->delete(). Compared to Passport (OAuth2), Sanctum is simpler and covers 90% of use cases. It is the default authentication for Laravel starter kits.