1 week ago

Laravel Passport: when to use Personal Access Tokens?

Posted 1 week ago by Charrua

Hello, I wanted to deeper understand when to use Personal Access Tokens on Passport.

From Laravel docs:

Sometimes, your users may want to issue access tokens to themselves without going through the typical authorization code redirect flow. Allowing users to issue tokens to themselves via your application's UI can be useful for allowing users to experiment with your API or may serve as a simpler approach to issuing access tokens in general.

I understand that the first purpose is for testing or experimenting with the API, but the second "simpler approach to issuing access tokens in general" why would I need to issue an access token if not for testing or experimenting?

If I wanted to consume an API trough an SPA, this approach is good enough? What would be the weak points?

Thank you

Please sign in or create an account to participate in this conversation.