Laravel API Authentication: Password Grant Tokens

OAuth2 password grant

Allows your other first-party clients, such as a mobile application, to obtain an access token using an e-mail address / username and password.

Creating A Password Grant Client

Php artisan passport:client --password

Requesting Tokens

$http = new GuzzleHttp\Client;

$response = $http->post('http://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'password',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'username' => 'taylor@laravel.com',
        'password' => 'my-password',
        'scope' => '',
    ],
]);

return json_decode((string) $response->getBody(), true);

Requesting All Scopes

$response = $http->post('http://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'password',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'username' => 'taylor@laravel.com',
        'password' => 'my-password',
        'scope' => '',
    ],
]);

Laravel API Authentication: Password Grant Tokens — Structure map

Clickable & Draggable!

Laravel API Authentication: Password Grant Tokens — Related pages: