Can I use Laravel Sentinel with Laravel 13 for a new project?

No, avoid Sentinel for new projects. It’s unmaintained, conflicts with Laravel’s first-party auth (Breeze/Jetstream), and lacks support for modern features like API tokens. Use Spatie’s Laravel-Permission or Laravel Breeze instead.

How do I install Sentinel without breaking Laravel’s default auth?

Disable Laravel’s default auth in `config/auth.php` and run `php artisan sentinel:install`. This prevents duplicate users tables and guard conflicts, but ensure you’re on Laravel 8–13. For Laravel 10+, expect manual overrides for breaking changes.

Does Sentinel support multi-tenancy or dynamic permissions?

Yes, Sentinel is extensible—you can customize user models, guards, and event listeners. However, dynamic permissions require manual cache management (`php artisan sentinel:clear-cache`) after role changes to avoid stale data.

Will Sentinel work with Laravel Passport or Sanctum for APIs?

No, Sentinel conflicts with these packages due to overlapping auth logic and database tables. If you need API auth, use Laravel Breeze with Sanctum or Passport directly, or migrate to Spatie’s permission system.

How do I migrate from Sentinel to Spatie Laravel-Permission?

Export Sentinel roles/permissions via `DB::table('sentinel_roles')->get()`, then import them into Spatie’s tables. Document the process early—this is non-trivial due to schema differences. Test thoroughly in staging before switching.

Are there security risks using Sentinel in production?

Yes, Sentinel’s last update was 2017, so unpatched vulnerabilities likely exist. Assume risks for sensitive data (PII, financial). Conduct manual security audits, disable unused features, and monitor for CVEs. Consider it a stopgap, not long-term.

Can I use Sentinel’s heartbeat endpoint for uptime monitoring?

Yes, Sentinel provides a `/health` endpoint for basic diagnostics (status, version, DB checks). It’s lightweight but lacks advanced monitoring like Laravel Forge or Healthchecks. For production, pair it with external tools like Pingdom.

How do I test Sentinel’s RBAC in PHPUnit?

Mock the `Sentinel` facade and verify role/permission checks with assertions like `assertTrue(Sentinel::check('admin'))`. Test edge cases: role inheritance, permission revocation, and bulk operations. Use `Sentinel::getUser()` to simulate authenticated requests.

What’s the best alternative to Sentinel for Laravel 10+?

For new projects, use **Laravel Breeze** (auth scaffolding) + **Spatie Laravel-Permission** (RBAC). For APIs, combine Breeze with **Sanctum** or **Passport**. These packages are actively maintained, Laravel-first, and avoid Sentinel’s monolithic design.

How do I handle database conflicts between Sentinel and Laravel’s default users table?

Disable Laravel’s default migrations (`php artisan migrate --ignore-table=users`) and configure Sentinel to use `sentinel_*` tables exclusively. For isolation, place Sentinel tables in a separate database or schema. Always back up before running migrations.

Weave Code

Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Sentinel Laravel Package

laravel/sentinel

Laravel Sentinel adds simple, lightweight tools for monitoring and reporting within Laravel apps. Built as a package you can drop in to capture key events, surface issues, and gain basic operational visibility without heavy setup or external services.

View on GitHub

Deep Wiki

Context7

laravel/sentinel is a lightweight Laravel package for monitoring and surfacing runtime issues in your application. It provides a simple way to capture exceptions, key events, and operational signals so you can diagnose problems faster in development or production.

Designed to integrate cleanly with the Laravel ecosystem, it helps you centralize error context and keep visibility over critical flows without heavy setup.

Captures and reports exceptions with useful context
Hooks into Laravel’s events/pipeline for consistent tracking
Configurable channels/handlers for flexible reporting targets
Lightweight setup with sensible defaults for Laravel apps

Frequently asked questions about Sentinel

Can I use Laravel Sentinel with Laravel 13 for a new project?: No, avoid Sentinel for new projects. It’s unmaintained, conflicts with Laravel’s first-party auth (Breeze/Jetstream), and lacks support for modern features like API tokens. Use Spatie’s Laravel-Permission or Laravel Breeze instead.
How do I install Sentinel without breaking Laravel’s default auth?: Disable Laravel’s default auth in `config/auth.php` and run `php artisan sentinel:install`. This prevents duplicate users tables and guard conflicts, but ensure you’re on Laravel 8–13. For Laravel 10+, expect manual overrides for breaking changes.
Does Sentinel support multi-tenancy or dynamic permissions?: Yes, Sentinel is extensible—you can customize user models, guards, and event listeners. However, dynamic permissions require manual cache management (`php artisan sentinel:clear-cache`) after role changes to avoid stale data.
Will Sentinel work with Laravel Passport or Sanctum for APIs?: No, Sentinel conflicts with these packages due to overlapping auth logic and database tables. If you need API auth, use Laravel Breeze with Sanctum or Passport directly, or migrate to Spatie’s permission system.
How do I migrate from Sentinel to Spatie Laravel-Permission?: Export Sentinel roles/permissions via `DB::table('sentinel_roles')->get()`, then import them into Spatie’s tables. Document the process early—this is non-trivial due to schema differences. Test thoroughly in staging before switching.
Are there security risks using Sentinel in production?: Yes, Sentinel’s last update was 2017, so unpatched vulnerabilities likely exist. Assume risks for sensitive data (PII, financial). Conduct manual security audits, disable unused features, and monitor for CVEs. Consider it a stopgap, not long-term.
Can I use Sentinel’s heartbeat endpoint for uptime monitoring?: Yes, Sentinel provides a `/health` endpoint for basic diagnostics (status, version, DB checks). It’s lightweight but lacks advanced monitoring like Laravel Forge or Healthchecks. For production, pair it with external tools like Pingdom.
How do I test Sentinel’s RBAC in PHPUnit?: Mock the `Sentinel` facade and verify role/permission checks with assertions like `assertTrue(Sentinel::check('admin'))`. Test edge cases: role inheritance, permission revocation, and bulk operations. Use `Sentinel::getUser()` to simulate authenticated requests.
What’s the best alternative to Sentinel for Laravel 10+?: For new projects, use **Laravel Breeze** (auth scaffolding) + **Spatie Laravel-Permission** (RBAC). For APIs, combine Breeze with **Sanctum** or **Passport**. These packages are actively maintained, Laravel-first, and avoid Sentinel’s monolithic design.
How do I handle database conflicts between Sentinel and Laravel’s default users table?: Disable Laravel’s default migrations (`php artisan migrate --ignore-table=users`) and configure Sentinel to use `sentinel_*` tables exclusively. For isolation, place Sentinel tables in a separate database or schema. Always back up before running migrations.

View on GitHub

Stars

Favorites

Forks

Score

21.2

License

—

Last release

Mar 31, 2026

Watchers

Downloads

2M/mo

Dependents

Open issues

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

davejamesmiller/laravel-breadcrumbs

artisanry/parsedown

christhompsontldr/phpsdk

enqueue/dsn

bunny/bunny

enqueue/test

enqueue/null

enqueue/amqp-tools

milesj/emojibase

bower-asset/punycode

bower-asset/inputmask

bower-asset/jquery

bower-asset/yii2-pjax

laravel/nova

spatie/laravel-mailcoach

spatie/laravel-superseeder

laravel/liferaft

nst/json-test-suite

danielmiessler/sec-lists

jackalope/jackalope-transport