Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I am developing a simple bookmarking web app that isn't a SPA but has pages that make HTTP requests, such as adding/updating/deleting bookmarks.
I am currently using the built-in Laravel auth, and for these API routes, I would also like them to be authenticated so that only the user that owns the bookmarks or a user who is an administrator can make these changes.
How would I go about configuring these routes to be able to do this?
I suggest first taking lessons on how API authentication and authorization works. There is a learning curve involved.
Sounds as though this could be a regular web app and not an api.
Either way I suggest the free laravel training course from here.
Please or to participate in this conversation.