
Devrim

Need Help for SSO for Laravel

In the current Laravel application, token control is done with Passport. The application receives a token with a username and password after a login request. API requests are made with the received token.

After receiving a token with an Authorization Code Grant With PKCE from another OAuth2 server, how do I make API requests with the received token in the existing Laravel 10 application?

martinbean

> The application receives a token with a username and password after a login request. API requests are made with the received token.

@dmazlum What do you mean by this? You should not be sending passwords in responses, not least because this means you’re storing passwords in plaintext, which is a huge no-no. It also completely defeats the point of using token-based authentication like OAuth if you’re then sending credentials (emails and passwords) backwards and forwards.

> After receiving a token with an Authorization Code Grant With PKCE from another OAuth2 server, how do I make API requests with the received token in the existing Laravel 10 application?

You use the token as a bearer token in requests:

Http::withToken($oauthToken)->get(…);
Devrim

@martinbean thanks for the reply.

To summarize, the situation is as follows. Two applications written in .NET perform user authentication with single sign-on. I want to add the existing Laravel application to this ecosystem.

The Laravel application uses the Passport package when accepting API requests and now makes other API requests inside with the token it creates.

My question is exactly this. How should I make API requests in the existing Laravel application with the token I get from the server that does user authentication?

Since the token is not created in the Laravel application, how will this be done with the external token?

martinbean

@Devrim You use Passport if you want people to obtain OAuth tokens from your app, for your app’s users. Not to consume tokens from other apps.

You should be obtaining a token from your existing SSO provider, which should either also contain the user information using an existing protocol such as OpenID, or let you query a “current user” endpoint to get the information for the user that the token is associated with. You then retrieve or create a user in your Laravel app based on the user’s unique identifier.
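
One way to wire up the flow described in the reply above, as an added example that is not code from either poster: a Laravel middleware that checks an incoming bearer token against the SSO provider's "current user" endpoint and then retrieves or creates the local user. The class name, the `services.sso.userinfo_url` config key, the `sso_sub` column (which must also be listed in the model's `$fillable`) and the claim names `sub`, `name` and `email` are assumptions.

```php
<?php

namespace App\Http\Middleware;

use App\Models\User;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Str;

class AuthenticateWithSsoToken // hypothetical class name
{
    public function handle(Request $request, Closure $next)
    {
        $token = $request->bearerToken();
        abort_if(empty($token), 401, 'Missing bearer token.');

        // Assumption: this config key holds the SSO provider's "current user"
        // (OpenID Connect UserInfo) endpoint. The provider, not this app,
        // decides whether the token is valid.
        $response = Http::withToken($token)
            ->acceptJson()
            ->timeout(5)
            ->get(config('services.sso.userinfo_url'));

        // Any non-2xx answer (expired, revoked or unknown token) means unauthenticated.
        abort_unless($response->successful(), 401, 'Token rejected by SSO provider.');

        $claims = $response->json();
        $sub = is_array($claims) ? ($claims['sub'] ?? null) : null;
        abort_if(! is_string($sub) || $sub === '', 401, 'No subject in user info.');

        // Key the local account on the provider's unique identifier, not on e-mail,
        // so a changed or reused address cannot map onto someone else's account.
        $user = User::firstOrCreate(
            ['sso_sub' => $sub], // assumption: column added by your own migration
            [
                'name' => $claims['name'] ?? $sub,
                'email' => $claims['email'] ?? null, // assumption: nullable column
                'password' => Hash::make(Str::random(40)), // random, never disclosed
            ]
        );

        Auth::setUser($user); // $request->user() now returns the SSO user

        return $next($request);
    }
}
```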
