Our great sponsors
-
I looked at the phpleague oauth2-server and there, they say that a SPA (front end in angular or react) should use Authorization code grant and not password grant (it seems password grant is not recommended to use anymore).
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
I'm just going through a round of upgrades when using the package "tymon/jwt-auth". It looks like it's in a painful spot right now, hasn't had an official release in a long time, people are using develop branch, but it's colliding with another package (lcobucci 3.4.x). Long story short: look at https://github.com/PHP-Open-Source-Saver/jwt-auth