Laravel 5.3 Passport API unauthenticated in Postman using personal access tokens

i also have the same problem.. i don't know why....

I got the exact same problem a while ago. And this is what I've done to fix it, more details in this post: https://github.com/laravel/passport/issues/47

So this is normally to fix the oAuth Client tokens: The expiry date is set to now + 100 years in Passport.php, line 167.

return static::$tokensExpireAt
? Carbon::now()->diff(static::$tokensExpireAt)
: new DateInterval('P100Y');

If you set it to, i.e., P1Y, it is working. Something like:

return static::$tokensExpireAt
? Carbon::now()->diff(static::$tokensExpireAt)
: new DateInterval('P1Y');

The same holds true for the refresh token a few lines below:

return static::$refreshTokensExpireAt
? Carbon::now()->diff(static::$refreshTokensExpireAt)
: new DateInterval('P1Y');

And this is for the Personal Tokens: And also in PassportServiceProvider.php line 84, concerning the Personal Tokens:

$server->enableGrantType(new PersonalAccessGrant, new DateInterval('P1Y'));

Hope it helps ! :)

@doublep , it gives another error.. you can't delete the public client token from ui genarated by Vue and Passport.

Could you tell me more? Do you get any error? If you check at firebug (or any equivalent), what is the error that you get?

Nope no error are thrown or recorded in the error log, auth just fails. The problem is with DateInterval('P100Y') as pointed out. This must be a Windows issue, I don't get the error on Linux. Changing to DateInterval('P10Y') works fine.

@doublep can you please explain why P100Y fails and why your fix P1Y (I did P10Y) works?

same with me, i just edit PassportServiceProvider.php at row

$server->enableGrantType(
    new PersonalAccessGrant, new DateInterval('P100Y')
);

to

$server->enableGrantType(
    new PersonalAccessGrant, new DateInterval('P1Y')
);

and it works, thanks.

Did you check app\Providers\RouteServiceProvider.php ?

in the mapApiRoutes() you can set the middleware. check to make sure its auth:api. if its not, change it. also, remove the auth middleware from the route api.php file.

@fero I have been messing with this on and off for several months now as my protected API routes always return unauthenticated when sending the Bearer token in the request header.

I tried several things mentioned online from my research but nothing worked! That is until I saw your post and it finally works on my end thank you so much!

My issue was in the app\Providers\RouteServiceProvider.php file where it had api as the middleware in the mapApiRoutes() function. I changed it to auth:api in the function like you mentioned and it works great now! Thank you and its sad that I have not seen this mentioned anywhere after hundreds of articles, github issues, stackoverflow questions, etc on this very issue, this is the first I have ever seen this mentioned and it was the problem all along.