# Sanctum Integration

### Introduction <a href="#introduction" id="introduction"></a>

Laravel [Sanctum](https://laravel.com/docs/10.x/sanctum) offers a lightweight authentication system for mobile apps, token-based APIs, and single page applications (SPAs). Every user of your application can create several API tokens for their account with Sanctum. These tokens might be given scopes or abilities that define what kinds of actions they can carry out.

### Installation <a href="#installation" id="installation"></a>

{% hint style="warning" %}
The most recent versions of Laravel already include Laravel Sanctum. However, if your application's composer.json file does not include laravel/sanctum, you may follow the installation instructions below.
{% endhint %}

1. Using the Composer package manager, you can install Laravel Sanctum.

```bash
composer require laravel/sanctum
```

2. Next, you should publish the Sanctum configuration and migration files using the vendor:publish Artisan command. The sanctum configuration file will be placed in your application's config directory:

```bash
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
```

3. Next, in your application's `app/Http/Kernel.php` file, add Sanctum's middleware to your api middleware group if you want to use it for SPA authentication:

```php
'api' => [
    \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
    'throttle:api',
    \Illuminate\Routing\Middleware\SubstituteBindings::class,
],
```

4. You may use Sanctum to issue personal access tokens and API tokens, which you can use to authenticate API queries to your application. When utilizing API tokens for requests, the token needs to be supplied as a Bearer token in the Authorization header.
5. To begin issuing tokens for users, your `User` model should use the `Laravel\Sanctum\HasApiTokens` trait:
6. `HasApiTokens` adds in User model file.according to below example:

<pre class="language-php"><code class="lang-php">use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
{
<strong>    use HasApiTokens, HasFactory, Notifiable;
</strong>}
</code></pre>

7. Then, in your application's `config/auth.php` configuration file, you should add the driver option for the api authentication guard.

<pre class="language-applescript"><code class="lang-applescript">'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
<strong>        'driver' => 'sanctum',
</strong>        'provider' => 'users',
        'hash' => false,
    ],
],
</code></pre>

8. Executing your database migrations should be your final step. In order to hold API tokens, Sanctum will make one database table:

```batch
php artisan migrate
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://phoenixcoded.gitbook.io/able-pro/vue-laravel/development/sanctum-integration.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.