What is the difference between Laravel auth, Passport and Sanctum and when are they used?
Asked
Active
Viewed 5,970 times
5
Mostafa Ahmed
- 474
- 7
- 16
2 Answers
10
Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. It is therefore necessary to have a brief knowledge of OAuth2.
Sanctum it is a simple package to issue API tokens to your users without the complication of OAuth. Sanctum uses Laravel's built-in cookie based session authentication services.
In a small application use Sanctum. it's simple and easy
Auth (Authentication) is the process of identifying the user credentials. In web applications, authentication is managed by sessions which take the input parameters such as email or username and password, for user identification. If these parameters match, the user is said to be authenticated.
Refrences:
Hope it helps..
Thanks.
Salman Zafar
- 3,844
- 5
- 20
- 43
-
3I would add that **Sanctum** can only be used when API and SPA are under the same domain name. And although **Passport** can be used between different domain names, the user of a SPA needs to be redirected to Laravel to sign in before being redirected to the SPA. Please, correct me if I'm wrong. – DevonDahon May 29 '20 at 21:35
0
For me, Sanctum is a lighter auth system to used in SPA under the same domain as the API. while Passport (OAuth2) allows to sign in from a SPA to another domain, and user is redirected to backend to login, which is complicated. Token and JWT just seem older and more difficult.
Tomas Pajarillaga
- 11
- 1