The 401 Unauthorized error or missing cookies when using Laravel Sanctum with React is likely due to CORS or CSRF issues. Ensure:
Laravel:
.env: SESSION_DOMAIN=localhost, SANCTUM_STATEFUL_DOMAINS=localhost:5173, SESSION_SECURE_COOKIE=falsecors.php: supports_credentials => true, allowed_origins => ['http://localhost:5173']api.php: Include /sanctum/csrf-cookie and auth:sanctum middlewareReact (Axios):
import axios from 'axios';
const apiClient = axios.create({
baseURL: 'http://127.0.0.1:8000',
withCredentials: true,
withXSRFToken: true,
});
const login = async (email, password) => {
await apiClient.get('/sanctum/csrf-cookie');
await apiClient.post('/login', { email, password });
const user = await apiClient.get('/user');
return user.data;
};
Check browser DevTools for XSRF-TOKEN and laravel_session cookies.