bor1904

OAuth2 (Laravel Passport) - how does it work?

Hi, I have some doubts about LP.

What is the difference between "personal_access_client" and "password_client" in the oauth_clients table in the DB?

How can I refresh tokens instead of waiting for the expiration moment?

Thank you

AddWebContribution

Personal Access Client

The personal access client is for access tokens that can be generated and that allow us to interact with our API with various tools. These access tokens essentially allow you to authenticate with your API without having to go through the whole OAuth2.0 handshake with your own app and can be used in place of a username and password.

Password Client

The password client is utilised mainly in trusted applications that authenticate with your system. This client is for internal consumption and potentially a mobile app where the user can log in and interact with your API. This grant will require a valid username and password every time to receive a bearer token.

To use your refresh_token to refresh your access token, you need to call the oauth/token route with the grant_type of refresh_token.


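```php
// Assumes Guzzle is installed (composer require guzzlehttp/guzzle).
$http = new \GuzzleHttp\Client;

// Call the token endpoint over HTTPS: the request body carries the
// client secret and the refresh token.
$response = $http->post('https://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'refresh_token',
        'refresh_token' => 'the-refresh-token',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'scope' => '',
    ],
]);

// The decoded JSON body is returned as an associative array.
return json_decode((string) $response->getBody(), true);
```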
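
The refresh call above, wrapped in a client-side helper that renews the access token shortly before it expires and keeps whichever refresh token the server hands back. This is an added example, not code from the thread or from Laravel Passport; `TokenStore`, the `$post` callable, the 60-second margin and all sample values are assumptions constructed for illustration.

```php
<?php
// Added example. TokenStore and $post are hypothetical names, not Passport API.
final class TokenStore
{
    private const SKEW = 60; // refresh this many seconds before expiry

    public function __construct(
        private $post, // callable(array $form): [int $status, array $json]
        private string $clientId, private string $clientSecret,
        private string $accessToken, private string $refreshToken,
        private int $expiresAt // unix time at which the access token expires
    ) {}

    public function accessToken(int $now): string
    {
        if ($now < $this->expiresAt - self::SKEW) {
            return $this->accessToken; // still valid, no network call
        }
        [$status, $body] = ($this->post)([
            'grant_type' => 'refresh_token',
            'refresh_token' => $this->refreshToken,
            'client_id' => $this->clientId,
            'client_secret' => $this->clientSecret,
            'scope' => '',
        ]);
        if ($status !== 200 || !isset($body['access_token'], $body['expires_in'])) {
            // Refresh token expired, revoked or already used: the user must log in again.
            throw new RuntimeException('refresh failed: ' . ($body['error'] ?? 'unknown'));
        }
        $this->accessToken = $body['access_token'];
        // Store the newly issued refresh token when one is returned; the old one may no longer be accepted.
        $this->refreshToken = $body['refresh_token'] ?? $this->refreshToken;
        $this->expiresAt = $now + (int) $body['expires_in'];
        return $this->accessToken;
    }
}

// Constructed transport standing in for the POST to oauth/token, so the example runs offline.
$fake = function (array $form): array {
    return $form['refresh_token'] === 'r1'
        ? [200, ['token_type' => 'Bearer', 'expires_in' => 3600, 'access_token' => 'a2', 'refresh_token' => 'r2']]
        : [400, ['error' => 'invalid_grant']];
};
$store = new TokenStore($fake, 'client-id', 'client-secret', 'a1', 'r1', 1000);
echo $store->accessToken(900), "\n"; // well before expiry: stored token is reused
echo $store->accessToken(950), "\n"; // inside the margin: token is refreshed
try { $store->accessToken(5000); } catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
```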
bor1904

Thanks a lot!

Password Client - for mobile apps (this is something for me : ) )

Personal Access Client - what kind of client app/system can use this type of auth?

And about the refresh token in interaction with a mobile app - which side of the communication should initiate the token refresh process, and when?

alessandrobelli

I also would like to add some questions: does a "simple" database -> my app connection require a Laravel Passport implementation? Is it necessary? I wanted to implement it but, as far as I got, there's no real deal if my app is not accessed externally.
