Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I am testing default latest version of Laravel. I create default auth routes, and web work fine.
I see there is in api.php routes an endpoint /user with middleware auth.
However, this endpoint require authentication.
There is something already default for api authentication, or I need to add for example passport?
Thanks
You can go with passport, or a very simple token based api. Laravel, out of the box, is setup for the token based one.
If you add an 'api_token' field to your user migration, and seed it, any request going to an API route with an 'api_token' header will be authenticated as that user.
In bigger production systems however, installing Passport should be preferred and is very easily installed
If you add an 'api_token' field to your user migration, and seed it, any request going to an API route with an 'api_token' header will be authenticated as that user.
Thank You for this information. There is not anywhere this information.
Yes Passport looks much better. But I want just to test what laravel offer by default.
If you add an 'api_token' field to your user migration, and seed it, any request going to an API route with an 'api_token' header will be authenticated as that user.
@lostdreamer_nl I suppose api_token is a string, how much long should be? or doesn't matter and I can set any?
@zoroaster this should do:
$table->string('api_token', 60)->unique();
Please or to participate in this conversation.