Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I need to create an application. I need an admin portion as well an api that would be used by customers. I plan to use fortify and sanctum for authentication. I am unclear as how to get fortify to work with both web and api authentication.
Any suggestions would be really helpful
If the web portion is not a SPA, I would suggest using passport.
However, the API portion whether sanctum or passport would be token based and the web portion session based. So fortify can be used but separate from sanctum or passport.
Also see my reply and link I gave here: https://laracasts.com/discuss/channels/laravel/multiauth-with-jetstream-laravel-8
So you are saying for the API use passport and then i'll be able to use fortify for the web portion
Sanctum or passport can be used, I just suggest passport. But it's only a suggestion if you do not have an SPA. But if you do have an SPA then look at using Sanctum.
But the session portion you mentioned, any of the session based techniques would work including Fortify.
View those videos also, they explain a lot.
Please or to participate in this conversation.