Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hi there,
I've come back to a Laravel project of mine and wanted to add a REST-API. For that I decided to go with Laravel Sanctum, for ease of managing API tokens. I am running Laravel 11.
I read the documentation and installed it, the new table with the access tokens got generated and I've provisioned users succesfully using my seeders.
When I try to access a protected route now, I get the following error:
"SQLSTATE[42S22]: Column not found: 1054 Unknown column 'api_token' in 'where clause' (Connection: mysql, SQL: select * from `users` where `api_token` = pokawdpowkadpo.... limit 1)"
This error is correct, since there is no coloumn "api_token" in my users table. I thought, Sanctum should use it's own table for finding the user and getting the token? Why does it need a api_token column, that is not documented?
In my search of solving this problem, I stumbled accross my "auth.php" file:
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
As you can see, for my "api" guard "token" is set. Is this correct or should there be something else? When I try to change this to Sanctum, the whole site crashes without an error in any log file.
My route is protected using the following in the api.php:
Route::middleware('auth:sanctum')->get('/test', [TestController::class, 'test']);
Let me know, if you need anything to help me. Thank you in advance for your help.
Thank you. Marc
Remove api guard section.
It is not included in Laravel11's auth.php.
https://github.com/laravel/laravel/blob/11.x/config/auth.php
Sanctum automatically uses its own guard.
https://github.com/laravel/sanctum/blob/4.x/src/SanctumServiceProvider.php
Look for auth:api in your project. Remove or replace to auth:sanctum if found.
@puklipo This works! Now the app is not crashing anymore and I get the "unauthenticated" problem. But this is for another topic. Thank you!
Please or to participate in this conversation.