API Authentication using Laravel Passport – Complete Guide 2020

In this tutorial we will see how to create API Authentication using Laravel Passport package. This very use full when you write Vue.js application because you have to authenticate your Restful Api using the Laravel Passport Authentication system

Laravel Passport is complete OAuth2 server implementation. If you try to implement OAuth2 from scratch it is complex and time consuming work. Thank to Laravel, You have Laravel Passport which is easy to learn and easy to implement

What is Passport?

Laravel Passport is full OAth2 server implementation. So you find very easy to develop sure API based application in Laravel, by using the Passport authentication method

Why do you need Laravel Passport?

You can separate front-end and back-end
You need to get data without session
You can secure your API

You can simply follow the steps given below to implement the Passport

1 Create new Laravel project
2 Install Passport and Configure
3 Create User Interface for managing OAuth clients and tokens
4 Testing OAuth with consumer application

1 Create new Laravel project

Download the Laravel via composer

Create new Laravel project named oauth

Generate the Authentication scaffolding

For Laravel >=6

2 Install Passport via the Composer package manager

You can install the Laravel Password package using following command

Now register the Passport service provider in the providers array of the config\app.php file


Now you can run the migration command to create tables in the database

Now you can create the encryption keys needed to generate secure access tokens

Add the Laravel\Passport\HasApiTokens trait to your App\User model

Next step is to register the routes necessary to issue access tokens and revoke access tokens, clients, and personal access tokens
Add the following code to boot method of the App\Providers\AuthServiceProvider

Finally you can update the api of the guard in config\auth.php

3 Create User Interface for managing OAuth clients and tokens

Now I am going to create interface in OAuth server to manage client applications

Copy the following code to resources/assets/js/app.js

Now you can use NPM to rebuild the assets using Webpack

When you complete the rebuilding you can create a page to see OAuth clients and Personal Access Tokens
Run the following code in terminal

This will create the SettingsController.php file in App\Http\Controllers namespace. You can add the following code to controller

Now you can create the resources\views\settings.blade.php file and add the following code

This is VUE components you added in earlier steps and this will generate all HTML code needed to display client details

Finally, you can add the following code to /routes/web.php file

Now you can start the server

When open the you can see the following screen

4 Testing OAuth with consumer application

In this section we are going to create another Laravel project and do the testing with OAuth server

Crete new Laravel project

Next I am going to install the Guzzle

Now you can start the server on port 8001

Now I am going to make routes to test the application

So this the route entry we need to send authorization request to the OAuth server

Next you can add the following route code to same web.php file and this is the callback handler. This route will receive the code from the OAuth server. It again sends back the request to OAuth server with other parameters like client_id,client_secret etc. After sending the request it will receive the token and it will save in the session

When above route receives the token and save it the session, it will redirect to the following route and display the posts in json format


If you have done programming with OAuth server before you know how pain full work it is. I know that you do not like it at all.
But thanks to Laravel, you have enjoyable Passport package with lot of features.