How to Generate a Bearer Access Token Using Laravel Passport

How to Generate a Bearer Access Token Using Laravel Passport

K. M. Shawkat Zamil | January 02, 2023

Hello developers,


Do you know about Laravel Passport and how to use it? If you don’t. This series of tutorials is only for you. In the previous tutorial, we showed how to set up Laravel Passport in Laravel Project. (See the previous tutorial


In this tutorial, we will learn about how to generate an Bearer Access Token using laravel Passport in the Laravel project. Here, all the routes will be stored inside the routes folder, in the web.php file. It’s a little bit different when you will working with API. In the routes folder, there is also a file named api.php. Here all the APIs are stored. Let’s open the file.

Here the APIs are binded with auth:api middleware. This will prevent unauthorized users to make a request in specific routes. Because it has been protected by middleware. We will create a new test route just to show you how it works. 


Go to your project directory and run the command:


php artisan serve


For creating th new route in api.php, paste the below code:



Route::get('/test', function(Request $request){
    return 'Authenticated';



Now, let’s configure postman to check the api. Postman is an API platform for building and using API. First, download and install postman.


After downloading, open postman and create a collection named “test”. After that create a request. First, paste the URL. The HTTP method gets and the endpoint is the route name. Note: If you want to perform an API request, you always need to add /api right in front of the route name. The URL is:


After that, click the send button.



If we write any route name that the route is in the middleware binded. Then we will get a 500 internal server error because we have not to find the type of information that we want to send back.



If you want to perform a request, you need to pass some value in the header. Here we add a key called accept and the value is application/json. Here we get the status code 401 Unauthorized. This is happening for the middleware, which checks every time if the user is authenticated or not.



To pass the middleware, every user needs to get an access token. There are different ways to create Laravel Passport Access Token. Before with the below command, we created Client ID and Client Secret.


php artisan passport:install


Right now, I want to use something which is called passport credentials to grant client access to our application. To generate token, first go to your postman and create a new request and named it as OAuth Token and on the url end point type oauth/token and the submit type is post.


If we click the send button right now, we will get error, which is “unsupported_grant_type”. That’s because we have not provided the client id through the request as params.



In order to pass params we need to add the following lines in the headers of the request:


grant_type : password
client_id: 2
client_secret: 5Tay75Fk2kXv5YXOzBJQsIJYt3c5CFuEeuq2ytsM
password: 12345678



Here, client_id and secret key is generated when we run php artisan passport:install, after that we created a user, the user information needs to add in the parameter. 




After configuring the API, if we click enter, then we get the bearer type access_token. W need the access_token value, these value needs to pass in the previous API as an Authorization key to get access. 


The API route is:


use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
| API Routes
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
Route::get('/test', function(Request $request){
    return 'Authenticated';
Route::middleware('auth:api')->get('/user', function (Request $request) {
    return $request->user();


The final output is: 



That’s it for today. Hope this tutorial will help you in the development journey.


Read More: How to setup Laravel Passport in the Laravel project

K. M. Shawkat Zamil

K. M. Shawkat Zamil

Senior Software Engineer

I am a Senior Software Engineer in a reputed company in Bangladesh. I am a big fan of Laravel, PHP Programming, MSSQL Server, MySql, JavaScript, and lots more. I love to help people who are especially eager to learn. I believe in patience and motivation.