# Multi-Token Support

/*
|--------------------------------------------------------------------------
| Multi-Token Support
|--------------------------------------------------------------------------
|
| When enabled, a user can hold multiple active tokens simultaneously,
| for example, one per platform (web, app, API, etc.).
|
*/

'multi_token' => [

    /*
    |--------------------------------------------------------------------------
    | Multi-Tokens Enabled
    |--------------------------------------------------------------------------
    |
    | This option determines whether multiple active tokens can be issued
    | for a single user. When enabled, a user may hold distinct tokens
    | across different platforms (such as Web, App, or API clients),
    | allowing simultaneous sessions under the same account.
    |
    */

    'enabled' => true,

    /*
    |--------------------------------------------------------------------------
    | Allow Multiple Platforms
    |--------------------------------------------------------------------------
    |
    | When true, tokens for different platforms (e.g., 'pc', 'mobile', 'app')
    | can remain valid at the same time.
    | When false, issuing a new token will invalidate all existing tokens
    | regardless of platform.
    |
    |
    */

    'allow_multi_platforms' => true,

    /*
    |--------------------------------------------------------------------------
    | Multi Platform Tokens
    |--------------------------------------------------------------------------
    |
    | A list of platforms that are allowed to have multiple active tokens
    | simultaneously for the same user.
    | Example: ['pc'] allows multiple tokens for PC platforms at the same time.
    |
    */

    'multi_platform_tokens' => [],
],

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54

TIP

allow_multi_platforms When true, tokens for different platforms (e.g., 'pc', 'mobile', 'app') can remain valid at the same time. When false, issuing a new token will invalidate all existing tokens regardless of platform.

TIP

multi_platform_tokens A list of platforms that are allowed to have multiple active tokens simultaneously for the same user. Example: ['pc'] allows multiple tokens for PC platforms at the same time.

# Priority

The guards configuration in config/auth.php takes precedence over the multi_token configuration in config/tokenable.php, so the configuration in config/auth.php can be overwritten in config/tokenable.php.

'guards' => [
    'api' => [
        'driver' => 'tokenable',
        'provider' => 'users',
        'allow_multi_platforms' => false,
    ],
    'web' => [
        'driver' => 'tokenable',
        'provider' => 'users',
        'allow_multi_platforms' => true,
        'multi_platform_tokens' => ['pc', 'h5'],
    ],
],

1
2
3
4
5
6
7
8
9
10
11
12
13

The above configuration will allow the same user to issue a token on both PC and H5 platforms, but only the latest token will be valid on the API platform.

use Illuminate\Support\Facades\Auth;
// api
Auth::guard('api')->login($user)->createToken('API Token');
// web
Auth::guard('web')->login($user)->createToken('PC Token', 'pc');
Auth::guard('web')->login($user)->createToken('H5 Token', 'h5');

1
2
3
4
5
6

← Default Token Driver Token Suspension Enabled →