Laravel API Authentication: Client Credentials Grant Tokens

Php artisan passport:client --client
Use Laravel\Passport\Http\Middleware\CheckClientCredentials;

protected $routeMiddleware = [
    'client' => CheckClientCredentials::class,
];
Route::get('/orders', function (Request $request) {
    ...
})->middleware('client');
Route::get('/orders', function (Request $request) {
    ...
})->middleware('client:check-status,your-scope');

Is suitable for machine-to-machine authentication.

Retrieving Tokens

$guzzle = new GuzzleHttp\Client;

$response = $guzzle->post('http://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'client_credentials',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'scope' => 'your-scope',
    ],
]);

return json_decode((string) $response->getBody(), true)['access_token'];

Related concepts

Laravel API Authentication: Client Credentials Grant Tokens — Structure map

Clickable & Draggable!

Laravel API Authentication: Client Credentials Grant Tokens — Related pages: