Level 50
Exposed routes can be configured in config/ziggy.php.
Mar 19, 2025
2
Level 8
Hiding Ziggy routes
I have a Laravel 11 web application that is using Breeze. It is now in production smoothly, but I have a concern about the "exposed" routes by Ziggy. All of the routes (including admin) are expose and anyone can see it. While I have the appropriate authentication and authorization applied, I just don't one every can see those routes especially the "admin" routes.
Has anyone here done this before?
// from the response in the browser's console
<script type="text/javascript">
const Ziggy = {
...
Level 8
I guess I'm just dumb cuz I didn't read the Ziggy docs before asking.
There's a Filtering with groups
// config/ziggy.php
return [
'groups' => [
'admin' => ['admin.*'],
'user' => ['users.*'],
],
];
Expose a specific group by passing the group name into the @routes blade directive:
// app.blade.php
@if (auth()->user()->isAdmin())
@routes('admin')
@else
@routes('user')
@endif
Please or to participate in this conversation.