Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hi. Currently developing an SPA that will access an API Backend. eg. GreatNewApp.com (SPA) eg. SomeAPI.com (Backend obviously)
Currently, using JWT to pass back to the SPA (Over HTTPS)
Question is: What is the best way for the SPA to send the API an Email and Password. I currently have it so a FORM POST -> Email and Password to the Backend, but I'm told that it's not the way to do it.
So anyone can help with 'How to authenticate' a user on the initial load (before JWT Token).
Thanks
An ajax request with the email and password to the API is the standard approach. Right now i do not see another way (maybe GraphQl). A good discussion is here http://stackoverflow.com/questions/20963273/spa-best-practices-for-authentication-and-session-management
Please or to participate in this conversation.