This action is unauthorized API

What does the other update (PUT) route URI look like?

@tykus there isn't one. It is only Route::put('clients/{id}', 'ClientController@updateSettingsClient'); in the routes/api.php file

Oh, right.

In that case, is there a FormRequest type-hinted on the updateSettingsClient controller method? And does that Request class return true (or truthy) from the authorize() method?

Or, is the route defined inside a group that uses the auth middleware? And, are you making the request as an authenticated user?

@tykus you meant this

PUT {{HOST}}/api/v1/clients/5

?

What is the updateSettingsClient method signature?

@tykus

public function updateSettingsClient(Client $client, ApiClientRequest $request, ClientRepository $clientRepo, ClientTransformer $transformer)`

Within ApiClientRequest it is set up to true

public function authorize()
    {   
        return true;
    }   

The routes file looks like this:

Route::group(["middleware" => ['api','lang'], "namespace" => 'Api'], function() {
    Route::prefix('v1')->group(function () {
    // THIS ONE WORKS IF I NAME THE METHOD update
    Route::resource( 'clients', 'ClientController', ['only' => ['index', 'store', 'show', 'update', 'destroy']] );
    // THIS ONE GIVES THE ERROR
    Route::put('clients/{id}', 'ClientController@updateSettingsClient');
    }); 
});

Route::resource( 'clients', 'ClientController', ['only' => ['index', 'store', 'show', 'update', 'destroy']] );
// THIS ONE GIVES THE ERROR
Route::put('clients/{id}', 'ClientController@updateSettingsClient');

I think you need to switch the order of those 2 routes. But, why wouldn't you just use the traditional update method in the resource controller?

What does the other update (PUT) route URI look like?

I asked this earlier... you do have a second PUT route, owing to your resource route definition; and it is being matched first, so your updateSettingsClient method is never hit.

@Cronix The resource one isn't running. I just put it there to show the one that gives no error if I call the method update and not updateSettingsClient.

I need to have two update methods because I have two different things under the Settings functionality that need to be updated.

@tykus I forgot to comment the actual line in the post. It is commented out in the code.

Route::group(["middleware" => ['api','lang'], "namespace" => 'Api'], function() {
    Route::prefix('v1')->group(function () {
        // Route::resource( 'clients', 'ClientController', ['only' => ['index', 'store', 'show', 'update', 'destroy']] );
        // THIS ONE GIVES THE ERROR
        Route::put('clients/{id}', 'ClientController@updateSettingsClient');
    }); 
});

You are going to have a problem with the two PUT routes having the same method signature.

What is the api middleware; is that the api group? You get that automatically in the routes/api.php file whenever it is mapped; you do not need to explicitly group your routes with that middleware.

You still need to change the order since they are going to the same controller. The resource route should be last.

@tykus I will have a problem even if the other method has a different name?

The other method is updateProfileClient so I was thinking about having something like this:

Route::put('clients/{id}', 'ClientController@updateSettingsClient');
Route::put('clients/{id}', 'ClientController@updateProfileClient');

That won't work though?

The problem is this part Route::put('clients/{id}'. They are the same url using the same http verb PUT. The urls need to be different (clients/{id}). Otherwise it will use whichever route is listed first when going to /clients/id using PUT

I will have a problem even if the other method has a different name?

You absolutely will, yes. Laravel will match the first route it finds, never the second.