close
The string used for an API key or token should be unique and secure. PHP random_bytes() function generates pseudo-random bytes that are cryptographically secure. Use random_bytes() and bin2hex() function to generate unique and strong API keys in PHP.
The following code snippet helps you to create a random and secure string with PHP which is useful for API key/token.
$key = bin2hex(random_bytes(32));
The above code will output 64 characters long string.
d7a03fee5546592a37e22ff8f45bbbe45da4632dfed9a774e085d0e8b5d3fa73
Use hash_equals() function to compare key strings.
if(hash_equals($api_token, $key)){
echo 'Valid';
}else{
echo 'Invalid';
}
