• JWT Token: Obtained after login to the authentication service

• Laravel Token: Sanctum token from your Laravel application

Both tokens are required for maximum security. The system validates:

• JWT signature and expiration
• Laravel token against user session
• Consistency between both tokens