Mar 18, 2023
I need to restrict user actions in my API
I am making a REST API in Laravel 10 with Passport. I was able to make all the routes; now I need to ensure that an authenticated user cannot perform actions on behalf of another user. To explain: when I want to edit a user, I receive the id of the user to edit by GET through the URL. For example, I receive user 10 in the URL, but the authenticated user is user 3, and since the only restriction I have for a user to make changes is that they are authenticated, user 3 could change the name of user 10. I do not know if I have explained myself well, but feel free to ask for more info. Thanks
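An added example (not part of the original post) of one way to close this gap in Laravel 10: a policy that lets a user update only their own record, enforced in the controller on top of the Passport `auth:api` check. The file paths, the `UserController` and `UserPolicy` names, the `PUT /users/{user}` route and the `name` field are assumptions for illustration.

```php
<?php
// Added example: three files shown together, separated by path comments.

// ---- routes/api.php ----
use App\Http\Controllers\UserController;
use Illuminate\Support\Facades\Route;

// auth:api (Passport) proves who the caller is; it does not decide what they may edit.
Route::middleware('auth:api')->group(function () {
    // {user} is resolved to an App\Models\User by route model binding.
    Route::put('/users/{user}', [UserController::class, 'update']);
});

// ---- app/Policies/UserPolicy.php ----
// Laravel's policy auto-discovery pairs App\Models\User with App\Policies\UserPolicy.
namespace App\Policies;

use App\Models\User;

class UserPolicy
{
    // $actor is the user behind the access token; $target is the user named in the URL.
    public function update(User $actor, User $target): bool
    {
        return $actor->is($target); // same primary key, table and connection
    }
}

// ---- app/Http/Controllers/UserController.php ----
namespace App\Http\Controllers;

use App\Models\User;
use Illuminate\Http\Request;

class UserController extends Controller
{
    public function update(Request $request, User $user)
    {
        // Throws AuthorizationException (HTTP 403) when user 3 targets user 10.
        $this->authorize('update', $user);

        $data = $request->validate(['name' => ['required', 'string', 'max:255']]);
        $user->update($data);

        return response()->json($user);
    }
}
```

If users only ever edit themselves, the route can omit the id entirely and update `$request->user()`, which removes the parameter that could be tampered with.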