api:auth middleware returning login screen on unauthenticated

Posted 10 months ago by itstrueimryan

I have a route set up in api.php:

Route::get('test', function() {

I have my app all hooked up with Passport's token system, so I get a token by hitting the endpoint /oauth/token, and then proceed to use that to hit my api endpoints. Works great. However, when a route like the one above is sent an invalid token, instead of getting a 401 Unauthorized error like I should, I'm getting redirected to the login page on my front end.

When I look at what is going on under the hood, I see that it gets to this method in Authenticate.php:

   protected function authenticate(array $guards)
        if (empty($guards)) {
            return $this->auth->authenticate();

        foreach ($guards as $guard) {
            if ($this->auth->guard($guard)->check()) {
                return $this->auth->shouldUse($guard);

        throw new AuthenticationException('Unauthenticated.', $guards);

With testing, I've found out that it does indeed reach that bottom exception. Still, I'm getting a login screen in response in Postman so I'm not really sure what's going on. All I'm looking for is a simple 401.

Please sign in or create an account to participate in this conversation.

Laracasts Mascot

Hi, Have We Met Yet?

Did you know that, in addition to the forum, Laracasts includes well over 1000 lessons on modern web development? All for the price of one lunch out per month.

Sign Me Up


Reply to

Use Markdown with GitHub-flavored code blocks.