Menu
I'm using Passport password grant, I don't need any other functionality, so I need to disable routes that are not related to password grant.
Is there a way to do that?
249
Laravel Passport is an OAuth 2.0 server implementation for stateless authentication.
Passport uses JWT authentication as standard but also implements full OAuth 2.0 authorization.
Laravel Passport is an easy way to set up an authentication system for your API. As a Laravel package, it uses an OAuth2 server to perform authentication, creating tokens for user applications that request to interface with the API it protects, and only granting them access if their tokens are validated.
Laravel passport token scope provides you beautiful services. Scopes allow your API clients to request a specific set of permissions when requesting authorization to access an account. For example, if you are building an e-commerce application, not all API consumers will need the ability to place orders.
I was wondering this too and found that Passport::routes() takes an optional callback. If a callback is not set, then all routes get registered.
To set individual routes for each auth type modify the following code for your use in your AuthServiceProvider:
Passport::routes(function ($router) {
$router->forAuthorization();
$router->forAccessTokens();
$router->forTransientTokens();
$router->forClients();
$router->forPersonalAccessTokens();
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
