Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I am running an API that is authenticating against another API using Laravel Sanctum. Does anyone know of a way to override the default Laravel Sanctum PersonalAccessToken model?
I need to modify the database connection variable within this model like this:
<?php
namespace Laravel\Sanctum;
use Illuminate\Database\Eloquent\Model;
use Laravel\Sanctum\Contracts\HasAbilities;
class PersonalAccessToken extends Model implements HasAbilities
{
protected $connection = 'my-connection';
Which works just fine by directly modifying the file itself.
Any suggestions would be greatly appreciated.
I believe you should add the connection to your User model, since Sanctum provides just a trait which you add to your user model:
use HasApiTokens;
which then provides you the methods to create tokens, but those tokens are assigned to the user for which you are initiating the call.
This was my understanding as well. I initially just added the connection definition within the user model and also used the HasApiTokens trait but that didn't work on it's own. I had to also manually edit the PersonalAccessToken model's connection definition. Otherwise the Sanctum "PersonalAccessToken" model attempts to access the wrong db's "personal_access_tokens" table.
<?php
namespace App\Models;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
class User extends Authenticatable
{
use HasApiTokens,Notifiable;
protected $connection = 'my-connection';
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
Well I would not touch the vendor files.
I believe I found a way for you, but I cannot try it unfortunately.
So what I would do is create my own model:
<?php
namespace App; // your own namespace
use Laravel\Sanctum\PersonalAccessToken;
class PersonalAccessToken extends PersonalAccessToken
{
protected $connection = 'my-connection';
}
And then just add this line in your AppServiceProvider in the boot method:
Sanctum::usePersonalAccessTokenModel(App\PersonalAccessToken::class);
This should now use your version of it. Let me know if it does the job :)
This works like a charm. I didn't see that setter within the sanctum class initially!
Thank you!
hi, i did the same thing, but when i recall a new route passing Barear token the route is not recalled
any help?
max
Please or to participate in this conversation.