Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

duddy67's avatar

Custom API Authentication ?

I set up an API Authentication as explained here https://laravel.com/docs/5.8/api-authentication Everything works as expected (in Postman) but I'm confused about the middleware and guard set in the routes:

Route::middleware('auth:api')->get('/user', function(Request $request) {
      return $request->user();
  });

Where is the Authorization token checked, in the auth middleware, in the api guard ?

What if I want to check a custom header (called X-token for ex) ?

Should I modify the native api guard, and if so, how to do that ?

0 likes
0 replies

Please or to participate in this conversation.