yes sir ..for api , i want to use passport for more secure authentication ...As passport is the most updated verson of authentification ...I have implemented it in laravel but failed to implement it in Lumen ...Thats why i needed help ...
Have you tried using composer to require in to lumen?
Passport is intended for oauth which is technically a way to authenticate another application to access your API not for authentication of users. That's what jwt is intended. By the nature of a 2 key (public and secret) the secret key will never be secret as the user (client side) would have to use it to authorize requests.
I think people get it confused. Oauth is to allow applications and sdks that send requests from server to server a way of secure authentication. User authentication is a sub feature of that.
For example Facebook:
Your laravel or lumen pulls in socialite (witch requires in Facebook php sdk). Your requests to Facebook requires both keys to request permissions to authorize a user. When a user accepts then a user token along with basic data is returned. The user token is not really required unless you need it for specific access to user data. But every request from your app to Facebook API has to have the two keys always.