Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I have two different APIs on the same server with the same url base, but in different subfolders, in both I have JWT authentication.
A problem occurs when I login to one, the JWT of the other API identifies that there is a section too and leaves it logged in, but with token validation errors of course because the token secret is different.
Is there any way to separate JWT authentication on the same server?
I just found out, the front end of the application stores the user in a local storage in the browser, and identifies the login through it, the back end doesn't have two sessions.
This is the solution in my case: https://stackoverflow.com/questions/21946922/how-to-use-multiple-different-localstorage-in-a-single-domain.
Please or to participate in this conversation.