How to implement Passport in Laravel 9 ?

In this tutorial we will learn how to implement full user authentication and a simple form of access control in an API using Laravel and Passport .

1. Install Laravel

composer create-project laravel/laravel passport_api

2. Install Laravel Passport Package

composer require laravel/passport

3. Run Migration

php artisan migrate

4. Generate Keys

php artisan passport:install

5. Edit AuthServiceProvider.php File

public function boot()


6. Edit config / auth.php file

'guards' => [
	'web' => [
		'driver' => 'session',
		'provider' => 'users',
	'api' => [
		'driver' => 'passport',
		'provider' => 'users',

7. Update the User Model

namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Laravel\Passport\HasApiTokens;
class User extends Authenticatable
    use Notifiable, HasApiTokens;

8. Create a UserController for the REST API in Laravel

php artisan make:controller UserController

namespace App\Http\Controllers;

use App\User; 
use Validator;
use Exception;
use GuzzleHttp\Client;
use Illuminate\Http\Request;
use Auth; 
use Laravel\Passport\Client as OClient; 

class UserController extends Controller
    public $successStatus = 200;
    // User Login
    public function login()
        if (Auth::attempt(['email' => request('email'), 'password' => request('password')])) {
            return $this->getTokenAndRefreshToken(request('email'), request('password'));
        else { 
            return response()->json(['error'=>'Unauthorised'], 401); 
    // User Register
    public function register(Request $request) { 
        $validator = Validator::make($request->all(), [ 
            'name' => 'required', 
            'email' => 'required|email|unique:users', 
            'password' => 'required|min:8|confirmed'

        if ($validator->fails()) { 
            return response()->json(['error'=>$validator->errors()], 422);            

        $password = $request->password;
        $input = $request->all(); 
        $input['password'] = bcrypt($input['password']); 
        $user = User::create($input);
        return $this->getTokenAndRefreshToken($user->email, $password);

    // Generate Bearer Token and Refresh Token
    public function getTokenAndRefreshToken($email, $password) { 
        $oClient = OClient::where('password_client', 1)->first();
        $http = new Client;
        $response = $http->request('POST', env('APP_URL').'/oauth/token', [
            'form_params' => [
                'grant_type' => 'password',
                'client_id' => $oClient->id,
                'client_secret' => $oClient->secret,
                'username' => $email,
                'password' => $password,
                'scope' => '*',

        $result = json_decode((string) $response->getBody(), true);
        return response()->json($result, $this->successStatus);

Now open the routes / api.php file and add the following routes to it:

Route::post('/register', 'UserController@register');
Route::post('/login', 'UserController@login');

9. Tests

php artisan serve
Hi I am Amit Kumar Thakur Experienced as s Software Developer with a demonstrated history of working in the information technology and services industry. Skilled in HTML, CSS, Bootstrap4, PHP, Laravel-9 , REST API,FB API,Google API, Youtube Api, Bitbucket,Github,Linux and jQuery. Strong engineering professional focused in Computer/Information Technology Administration and Management. Currently my profile is to Software Developer, analyze the requirement, creating frame for web application, coding and maintenance.

Related Posts

How to Crawl any website Meta Title and Meta Description in Laravel ?

1st step install below package. Next to create Controller First go to route and put below code Next go to controller and put below code Next go…

SQLSTATE[HY000] [2002] No such file or directory (Connection: mysql, SQL: insert into `oauth_clients` (`user_id`, `name`, `secret`

In this tutorial i’m going to solve the error SQLSTATE[HY000] [2002] No such file or directory (Connection: mysql, SQL: insert into oauth_clients (user_id, name, secret Error :-…

Top 20 Laravel Interview Question in 2024

In this tutorial im going share interview experience For laravel developer. A list of top frequently asked Laravel Interview Questions and answers are given below. Q #1) What is…

How to Get Google Analytics API key ?

In this tutorial we’re going to share how to get the google Analytics API key. I have shared in very easy way. First go enable Google analytics…

Youtube Subscriber Count in ReactJs

In this tutorial i’m going to learn how to count YouTube Subsribers count, views count as well, as define below. In order to install your app, first…

How to Disable Laravel’s Eloquent timestamps in laravel ?

In this tutorial we’re going to share how to disable the automatic created_at and updated_at timestamps in Laravel’s Eloquent models, along with explanations of different scenarios: 1st…

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x