CorCronje
4 months ago

Where to store your JWT token

Posted 4 months ago by CorCronje

Hello there!

I'm consuming a RESTful API using Guzzle and initially do an authentication request to JWT authorization token that is to be included in the header of all subsequent requests.

This token is typically valid for a predetermined period of time, 24 hours in this case, and thus I wish to store the token somewhere and optimally reuse it. I don't want to store it in a DB as this means that have to query the DB each and every time I call the class. Secondly I aiming to find some database / platform agnostic solution that I can apply to all my projects, as I'm consuming various APIs that works in a similar manner.

I am currently storing the token in a ".token" file in the root of my app, and then read the file each time the class is instantiated, but I am a bit concerned for security and performance.

How do you store your API tokens and is there some other efficient solution that I can implement over all my projects?

Thanks!

Please sign in or create an account to participate in this conversation.