How to Generate Unique and Secure API keys with PHP

The string used for an API key or token should be singular and safe. PHP random_bytes() function generates pseudo-random bytes that are cryptographically safe. Apply random_bytes() and bin2hex() function to create unique and strong API keys in PHP.

The following PHP code snippet supports you to create a random and safe string with PHP which is helpful for an API key/token.

$key = bin2hex(random_bytes(32));

The above mentioned code will output 64 characters long string.

d7a03fee5546592a37e22ff8f45bbbe45da4632dfed9a774e085d0e8b5d3fa73

Use hash_equals() function to compare key strings.

if(hash_equals($api_token, $key)){ 
    echo 'Valid'; 
}else{ 
    echo 'Invalid'; 
} 

Have Fun!