What will be the perfect way to make auth:api requests from a chrome extension to laravel passport api?
What I am currently doing:
Ofcouse this is not a good idea because anyone can register, which will generate a token and this can be used to access allowed resources (i am using laratrust for ACL), from any device or bot to exploit my API.
My platform/server: Laravel 6, Passport 9, Laratrust 5
I have multiple clients for the API, a mobile app, own website (using CreateFreshApiToken middleware), other 3rd party clients (using Oauth), I need to add this new chrome extension to have access to the API.
Any help will be great, Thanks