Have you read the docs? https://laravel.com/docs/8.x/sanctum#how-it-works
I think it answers these questions.
I'm planning on using Laravel Sanctum to authenticate requests from a mobile application as well as third parties.
When I authenticate the user and return them their Authorization token ($token->plainTextToken) to be used for future requests, do I need to be paranoid about storing this on the mobile device securely (as well as telling third parties to ensure they protect it adequately)?
Or can I simply store it within the native storage / local storage without worrying about native storage encryption or other means to keep this token safe?