Pixelairport's avatar

401 even with X-CSRF-TOKEN when consume own API

Hi. As the headline already says, I have a problem with my API. I use Passport in Laravel. Postman works fine. But when I consume my API in my backend with JavaScript I always get 401. I use axios, and X-Requested-With and X-CSRF-TOKEN are set. I use the middleware web (with \Laravel\Passport\Http\Middleware\CreateFreshApiToken) when calling the backend and the middleware '\Laravel\Passport\Http\Middleware\CheckClientCredentials' for the API calls. Does anybody have an idea... I have been sitting here for the whole day and it won't work :( Thx.

0 likes
5 replies
Pixelairport's avatar

Thx for the fast response :) That would work, but then I do it with normal access tokens. I try to access the API as a logged-in user in Laravel. If you scroll a bit down at the link there is the headline "Consuming Your API With JavaScript". That's what I want to do. It already works with Bearer and my Postman app. But it does not work with the X-CSRF-TOKEN in axios when I'm a logged-in user. And I don't know what I can do. I feel like I tested everything :(

Pixelairport's avatar

Still on the same problem. I see that laravel_token is set in the cookie of the request header. And the route includes auth:api. I also tested the client middleware (\Laravel\Passport\Http\Middleware\CheckClientCredentials). So maybe I just don't understand the workaround... The client middleware is already working for 3rd-party apps, like a Framework 7 app. And the docs say I should use auth:api, which isn't working. So what middleware should I use now, and how can I define a middleware which can be accessed with an access token (bearer) and also by logged-in users in Laravel? ... Is it maybe a problem with Sentinel? I use Cartalyst Platform, which includes Sentinel?

Pixelairport's avatar

OK. I still have x-xsrf-token and x-csrf-token, which are sent with every request. But I still get 401. It seems the middleware ('client' => \Laravel\Passport\Http\Middleware\CheckClientCredentials::class) does not work. Last try to get help. If nobody can, I will build two APIs. Don't want to waste another week on this problem. Thx.

Pixelairport's avatar
Pixelairport
OP
Best Answer
Level 12

Finally, after two weeks of testing, I found the solution:

First, I use Cartalyst Platform, which is a framework/CMS based on Laravel. It is from the makers of Sentinel. That means they use Sentinel. And the Platform CMS comes with a refactored authenticate middleware which uses Sentinel. So it is not enough to use the auth:api middleware. The user there will always be null. You have to put web before it. In my case I need an API for my CMS backend and also one for an iPhone app. So I have to build two route groups, with these middlewares:

  1. Middleware for the iPhone app: ['client']. Note that you have to define it in your Kernel.php like this: 'client' => \Laravel\Passport\Http\Middleware\CheckClientCredentials::class,

  2. Middleware for web users with Sentinel. This was my main problem. I only ever used ['auth:api'], but YOU HAVE TO USE ['web','auth:api'] because web will load Sentinel, which can only be used if you call the web middleware.

Hope it helps.

1 like
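
The two route groups from the accepted answer, written out as an added example (not the poster's or Cartalyst's own code). The URI prefixes, paths and closures are hypothetical, and it assumes a default Laravel `routes/api.php` with Passport installed and the `client` alias registered as shown in the answer.

```php
<?php
// routes/api.php -- added example; prefixes, URIs and closures are hypothetical.

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

// Group 1: the iPhone app, sending "Authorization: Bearer <access token>".
// Needs the alias from the answer in app/Http/Kernel.php:
//   'client' => \Laravel\Passport\Http\Middleware\CheckClientCredentials::class,
// A client-credentials token is bound to a client, not a user, so
// $request->user() is null in this group. Do not make per-user
// authorization decisions on these routes.
Route::middleware(['client'])->prefix('app')->group(function () {
    Route::get('/articles', function () {
        return response()->json(['caller' => 'oauth-client']);
    });
});

// Group 2: the logged-in backend user calling from axios with the
// laravel_token cookie. Per the answer, 'web' must come before 'auth:api'
// on Cartalyst Platform so that Sentinel is loaded.
// Assumption: with the default Laravel 'web' group this also enables
// session handling and CSRF verification, so state-changing requests
// must keep sending X-CSRF-TOKEN.
Route::middleware(['web', 'auth:api'])->prefix('backend')->group(function () {
    Route::get('/me', function (Request $request) {
        $user = $request->user();

        // Fail closed if no user was resolved, instead of continuing
        // with a null user (the symptom described in the answer).
        abort_if($user === null, 401);

        return response()->json(['authenticated' => true]);
    });
});
```

Keeping the two groups under separate prefixes means a route can never be reached with a client token when its handler expects a user.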
