Where to store the JWT for authentication when Laravel is used as client?

I use Laravel 6 and GuzzleHTTP 7.

I could manage to make a request to an external (REST-) API and successfully authorize and get a token back:


Do I have to save this token explicitly in a session?
I’m trying to use this token in every following requests to the external API.

By googling I found only tutorials for Laravel how to generate JWT but not how to proceed when Laravel is used as a client and requests JWT.

Any help much appreciated!

UPDATE: The Laravel APP itself is the client (regardless of the user “inside” Laravel).


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Upon getting your token from a 3rd party service, store it in some form of storage (e.g. file, database, cache). I recommend using a Cache, as it’s faster (if your using an in-memory cache like Redis), and you can set a TTL.

If the token expires after a certain period of time, and doesn’t have a refresh token, then set the TTL to that date/time.


$ttl = Carbon::now()->addHour(); // set to when it expires or null if token doesn't expire
$jwtToken = Cache::remember('fooServiceJwtToken', $ttl, function () {
    $jwt = getJwtTokenUsingGuzzle(); // CHANGE
    return $jwt;

Do not store the data in a session, as sessions are tied to users using your application.

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x