The easiest way is to use InertiaJS, which is a bridging library between the frontend and the Laravel backed. Among other things, it allows you to use Laravel's routes.

Breeze is just a starter kit installer. You can install a kit in a fresh Laravel project - don't try doing it in an existing Laravel project! Run these commands:

composer require laravel/breeze
php artisan breeze:install

Select React with Inertia as the stack and your own preferences for the other choices. Then you'll have a working cookie-based auth scaffolding that you can modify to your needs.

DOES sanctum need subdomain ? or just CORS is enough ?

1. No.
2. CORS is irrelevant if you have a single domain.

Sanctum does not require a subdomain.

Whether Breeze is a better solution for React depends on your experience and goals.

There are two ways to work with React with Laravel:

1. Inertia.js

• Inertia.js keeps everything inside Laravel but renders React components instead of Blade.
• There’s no separate frontend app—React works inside resources/js.
• Uses Laravel’s web routes (web.php) just like Blade.

What It Needs:

• No need for an API (Inertia handles requests automatically).
• No CORS needed (since everything runs on the same domain).
• Laravel’s built-in session handling (same as Blade).

2. Laravel Breeze

• Breeze React is a completely separate frontend app built with React and Vite.
• It communicates with Laravel through API requests.
• Laravel Sanctum is used for session-based authentication (like traditional Laravel apps).

What It Needs:

• CORS configured for cross-origin requests.
• CSRF protection (since it uses cookies for authentication).
• Sanctum middleware enabled in Laravel.

Which One to Pick?

• Use Inertia.js if:

  • You want a Laravel app with React as the frontend but without building a separate API.
  • You don’t want to deal with CORS, API tokens, or frontend hosting.
  • You want to keep Laravel’s web routes (web.php) and session-based authentication, while using React instead of Blade.

• Use Breeze if:

  • You want a fully separate React app that communicates with Laravel via API requests.
  • You’re familiar with SPAs (like Next.js, Vite, or CRA).
  • You need an API-driven architecture where Laravel serves only as the backend.

Personally I use inertiajs with Fortify. Works like a charm :)