Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Sep 19, 2022

4

OP

Level 2

Multiple authentication types in the same API?

Hi all

I have an app with an API using the default token-based authentication that comes with Laravel (no sanctum/passport). Right now there's a need to add JWT support to it, but without replacing what already works. So basically I need the same routes to support two different authentication mechanisms.

Any tips or advice on how to proceed and pitfalls to avoid? thanks in advance.

Level 80

@nunodonato middleware('auth:guard1,guard2')

OP

Level 2

@martinbean thanks, but won't that comma act as an AND? I want to use only one of guards, depending on the authentication mechanism selected

Level 80

thanks, but won't that comma act as an AND?

@nunodonato No, it won’t. It’s the names of guards, and Laravel will check each one for a user:

https://github.com/laravel/framework/blob/9.x/src/Illuminate/Auth/Middleware/Authenticate.php#L47-L56

OP

Level 2

@martinbean Ah, I thought it would check require all guards to pass when defined like that. Thanks again!

1 like

Please or to participate in this conversation.