Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I am developing api using laravel passport. But i have tried using the various grant types, the authorization code, password grants, client credentials but still not getting the desired result i want. Maybe i am not able to understand well. Looking at stripe, after you signup, you get api key and a secret which you use in your application. How do I achieve same result using passport where after user signup, user get API_KEY and USER_SECRET to use in his application.
Passport is a bit of a different way of authentication the user then just an API-key and secret. In general, this is connected to a user and also to the host they connect from (also called the client).
Anyway, you can easily generate a random string as API-key and secret for the user and check on that. No need for passport in this case.
Alright, i had in mind on doing that, but a bit sceptical on how to go about it. If i check the keys generated, how do i go about generating a token as well, or i will used passport for that. And can i use the password grant to generate token. like, after validating the request and getting the user with the associated secret and api keys, then i used password grant to continue. how do i implement password grant in my own application
I think if you already have the user at hand, you can get its email and password, then just make up a password grant type token request to OAuth server, then you get an access token, return it and all done.
Please or to participate in this conversation.