Laravel Passport always returns 401 Unauthenticated

[ivan-avalos]

I'm driving crazy! I've been searching around the web on thousands of StackOverFlow questions and haven't solved my issue.

I'm developing an API REST with Laravel Framework 5.7 and Passport 7.0. I've setup every file following the documentation and I'm able to get a token with grant_type=password (without authentication flow), but when I try to access to a route protected by the auth:api middleware, I always get a 401 response.

This is my HTTP request:

GET /api/usuario/1/grupos HTTP/1.1
Host: localhost:8000
Accept: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI...

Here's my auth.php guard config:

'guards' => [
    'api' => [
        'driver' => 'passport',
        'provider' => 'users',
    ],
],

This is the mapApiRoutes() in my RouteServiceProvider.php:

protected function mapApiRoutes()
{
    Route::prefix('api')
         ->middleware('auth:api')
         ->namespace($this->namespace)
         ->group(base_path('routes/api.php'));
}

Thanks, I hope you could help.

[driesvints]

Hi there,

Looks like this is a question which can be asked on a support channel. Please only use this issue tracker for reporting bugs with the library. If you have a question on how to use functionality provided by this repo you can try one of the following channels:

• Laracasts Forums
• Laravel.io Forums
• Discord
• Larachat
• IRC
• StackOverflow

[ahinkle]

Hey, I’m having the same issue. Were you able to find a solution?

[ivan-avalos]

@ahinkle Not a clear solution, but I created a new project, moved the important files to the new project and everything worked perfectly. I'm not sure exactly about what was the problem, but I think the problem was changing the users table to "usuarios" and the field name to "nombre", even if I changed the auth.php providers to use the Usuarios model, and the field "name" is not required by Passport. I don't know what was wrong, but I would suggest you to create a new project and setup Passport from scratch, it's the best solution yet.

[shijij]

I had a similar situation. I didn't copy the whole access token.
I prefer selecting a string using double clicks, but access token contains period, which will break the selection without me noticing.

I believed I copied the whole access token every time... sad story