Juliatzin del Toro Juliatzin del Toro - 19 days ago 12
PHP Question

Laravel API Authentication with JWT

I'm reading the book: Build APIs You Won't Hate, and it propose several Authentication methods:


  1. Basic Auth

  2. Digest Authentication

  3. OAuth 1.0a

  4. OAuth 2.0

  5. OpenID

  6. Hawk

  7. Oz



I have a application that will have differents components


  • Internal APIs

  • Laravel WebApp with FB / Google Login via Socialite

  • VueJs

  • Mobile App



I will not have a public API.

I was thinking of using JWT to secure my APIs, but as I don't see it in the book, I'm wondering if I am not making a mistake.

Any advice will be apreciated!

Answer

Using JWT is a good practice for securing APIs it is not a mistake as far as I'm concerned.

But as Laravel 5.3 is now released and we have a Laravel Passport (OAuth2 Server) for API authentication which would be very help full to you I think.

You could refer the Laravel 5.3 release note for the document. Also Laracast has a free video tutorial explained in detail.