One API for front-end, one external

I have a Laravel application that is powered by Vue on the front-end, and it uses Passport to deliver a token to users who log in to the app. Routes that deliver content to the front end are protected and require this token.

Additionally, I have an API that a different type of user (different table/model altogether) can access externally. Similar to the front end, these users have to hit /oauth/token to get a token, then can access the other routes using that.

I'm having trouble setting it up so that both of these APIs can exist together while also keeping them separate, i.e. only the first type of user can access the front-end API routes, and only the second can access the external API routes.

I've tried creating different auth guards with different providers, and this works except that if a user from the first group shares the same id as a user from the second group, or vice versa, they can then access the other group's routes. Just looking for some architectural guidance on how I would go about accomplishing this. Thanks.