Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Passport Laravel Package

laravel/passport

Laravel Passport provides an OAuth2 server for Laravel, enabling API authentication with personal access tokens, password and authorization code grants, and client credentials. Integrates with Laravel’s auth system for secure, standards-based token issuing.

View on GitHub

Deep Wiki

Context7

v13.7.3

[13.x] Fix session JSON serialization by @hafezdivandari in https://github.com/laravel/passport/pull/1905

v13.7.2

[13.X] fix: resolve user as null when user ID matches client ID on integer key setups by @Can-Kar in https://github.com/laravel/passport/pull/1902

v13.7.1

Prevent user impersonation via client credentials token by @pushpak1300 in https://github.com/laravel/passport/pull/1901

v13.7.0

[13.x] Add middleware attribute by @axlon in https://github.com/laravel/passport/pull/1897

v13.6.0

Add Boost skill for Passport development by @pushpak1300 in https://github.com/laravel/passport/pull/1893

v12.4.3

Fix firebase/php jwt vuln by @jszoja in https://github.com/laravel/passport/pull/1889

v13.5.0

Add mixin annotation for Token model in AccessToken by @fjkorf in https://github.com/laravel/passport/pull/1886
Add dedicated token lifetime for client credentials grant by @sajanp in https://github.com/laravel/passport/pull/1880
Add missing OAuthenticatable interface step to upgrade guide by @FeBe95 in https://github.com/laravel/passport/pull/1887
Improve code syntax highlighting in upgrade guide by @FeBe95 in https://github.com/laravel/passport/pull/1890
Allow custom middleware to be registered by @timacdonald in https://github.com/laravel/passport/pull/1892
Update UPGRADE.md by @siarheipashkevich in https://github.com/laravel/passport/pull/1891

v13.4.4

[13.x] Supports Laravel 13 by @crynobone in https://github.com/laravel/passport/pull/1885
[13.x] Add can and cant methods to Token model by @hafezdivandari in https://github.com/laravel/passport/pull/1882

v13.4.3

[13.x] Allow firebase/php-jwt v7 by @hafezdivandari in https://github.com/laravel/passport/pull/1879

v13.4.2

[13.x] PHP 8.5 Compatibility by @crynobone in https://github.com/laravel/passport/pull/1869
Remove the usage of deprecated $request->get() by @hivokas in https://github.com/laravel/passport/pull/1873
[13.x] Allow setting the client with Passport::actingAs() by @axlon in https://github.com/laravel/passport/pull/1876

v13.4.1

[13.x] Fix possible 500 error when retrieving user on token guard by @hafezdivandari in https://github.com/laravel/passport/pull/1871

v13.4.0

[13.x] Add static setter for authorizationServerResponseType by @RSpeekenbrink in https://github.com/laravel/passport/pull/1867

v13.3.0

chore(UPGRADE): v13, update oauth_clients table schema changes by @maximepvrt in https://github.com/laravel/passport/pull/1865
feat: Allow findForPassport to optionally receive the OAuth client by @maximepvrt in https://github.com/laravel/passport/pull/1866

v13.2.2

Fix »OAuth Client Table Changes« migration snippet in the upgrade guide by @hettiger in https://github.com/laravel/passport/pull/1859
[13.x] Fix accessing the plain secret after creating a new confidential client via deprecated ClientController::store by @hafezdivandari in https://github.com/laravel/passport/pull/1861

v13.2.1

[13.x] add trailing commas in multiline constructor signatures by @browner12 in https://github.com/laravel/passport/pull/1848
Update Client Model by @samsin33 in https://github.com/laravel/passport/pull/1850
[13.x] Test Improvements by @hafezdivandari in https://github.com/laravel/passport/pull/1853
[13.x] Fix issuing PAT with configured trusted hosts by @hafezdivandari in https://github.com/laravel/passport/pull/1852

v13.2.0

[13.x] Added device code grant exception to purge command by @SuperDJ in https://github.com/laravel/passport/pull/1846

v13.1.0

[13.x] Add an option to disable device code grant by @hafezdivandari in https://github.com/laravel/passport/pull/1842
[13.x] Add an upgrade guide entry for key file permissions by @hafezdivandari in https://github.com/laravel/passport/pull/1841
[13.x] Fallback to list of auth user providers if no auth guard for Passport is defined by @hafezdivandari in https://github.com/laravel/passport/pull/1840
[13.x] Add an optional migration for oauth_clients table to the upgrade guide by @hafezdivandari in https://github.com/laravel/passport/pull/1843
Fix viewPrefix Method to Match Documentation Example by @trippo in https://github.com/laravel/passport/pull/1844

v13.0.6

[13.x] Fix broken token relation when auth identifier is not PK by @axlon in https://github.com/laravel/passport/pull/1835

v13.0.5

[13.x] Fix Exception Caused by Missing AccessToken Attributes by @hafezdivandari in https://github.com/laravel/passport/pull/1829

v13.0.4

[13.x] Fix skipping authorization consent when no scopes are requested by @hafezdivandari in https://github.com/laravel/passport/pull/1825
[13.x] Document changes to oauth_clients table in upgrade guide by @gdebrauwer in https://github.com/laravel/passport/pull/1823

v13.0.3

[13.x] Fix object returned by mocked validateAuthenticatedRequest() method in Passport::actingAsClient() method by @gdebrauwer in https://github.com/laravel/passport/pull/1822

v13.0.2

Changed getTokenFromRequest method to handle null value and prevent type error by @eldair in https://github.com/laravel/passport/pull/1819
fix: possible php error if redirect column is an empty string by @Tofandel in https://github.com/laravel/passport/pull/1821

v13.0.1

[13.x] Fix access to undefined route by @axlon in https://github.com/laravel/passport/pull/1812
[13.x] Fix access to uninitialised typed static property by @owenvoke in https://github.com/laravel/passport/pull/1811
Use isset to check for initialisation by @patrickomeara in https://github.com/laravel/passport/pull/1813
[13.x] Fix middleware type error by @axlon in https://github.com/laravel/passport/pull/1815

v13.0.0

[13.x] Support OAuth2 Server v9 by @hafezdivandari in https://github.com/laravel/passport/pull/1734
[13.x] Always hash client secret by @hafezdivandari in https://github.com/laravel/passport/pull/1745
[13.x] Remove redundant PAT client table and model by @hafezdivandari in https://github.com/laravel/passport/pull/1749
[13.x] Fix determining revoked records by @hafezdivandari in https://github.com/laravel/passport/pull/1751
[13.x] Use the oauth_scopes property of the bearer token on TokenGuard by @hafezdivandari in https://github.com/laravel/passport/pull/1755
[13.x] Refactor migrations by @hafezdivandari in https://github.com/laravel/passport/pull/1759
[13.x] Cleanup by @hafezdivandari in https://github.com/laravel/passport/pull/1758
[13.x] Use unique IDs on client model by @hafezdivandari in https://github.com/laravel/passport/pull/1757
[13.x] Force confidential PAT client by @hafezdivandari in https://github.com/laravel/passport/pull/1761
[13.x] Fix register a custom rendering closure for OAuthServerException by @hafezdivandari in https://github.com/laravel/passport/pull/1763
[13.x] Use UUID to identify clients by default by @hafezdivandari in https://github.com/laravel/passport/pull/1764
[13.x] Disable PAT requests by @hafezdivandari in https://github.com/laravel/passport/pull/1766
[13.x] Cleanup and add feature tests by @hafezdivandari in https://github.com/laravel/passport/pull/1767
[13.x] Always validate auth token by @hafezdivandari in https://github.com/laravel/passport/pull/1769
[13.x] Configure the user provider for PAT by @hafezdivandari in https://github.com/laravel/passport/pull/1768
[13.x] Fix user-token relations by @hafezdivandari in https://github.com/laravel/passport/pull/1773
[13.x] Make client RFC compatible by @hafezdivandari in https://github.com/laravel/passport/pull/1744
[13.x] Fix skipping consent prompt by @hafezdivandari in https://github.com/laravel/passport/pull/1777
[13.x] Improve issuing PATs by @hafezdivandari in https://github.com/laravel/passport/pull/1780
[13.x] Fix clients confidentiality by @hafezdivandari in https://github.com/laravel/passport/pull/1782
[13.x] Make Passport headless (Support Laravel Jetstream and Breeze) by @hafezdivandari in https://github.com/laravel/passport/pull/1771
[13.x] Improve performance, fix minor bugs, and add tests by @hafezdivandari in https://github.com/laravel/passport/pull/1783
bug: mockery not setup correctly by @JimTools in https://github.com/laravel/passport/pull/1785
[13.x] Cleanup, improve types and tests by @hafezdivandari in https://github.com/laravel/passport/pull/1788
[13.x] Enhance error responses by @hafezdivandari in https://github.com/laravel/passport/pull/1791
[13.x] Rename CheckClientCredentials middleware by @hafezdivandari in https://github.com/laravel/passport/pull/1792
[13.x] Improve resolving and converting PSR responses by @hafezdivandari in https://github.com/laravel/passport/pull/1793
[13.x] Deprecate JSON API by @hafezdivandari in https://github.com/laravel/passport/pull/1778
[13.x] Add new EnsureClientIsResourceOwner middleware by @hafezdivandari in https://github.com/laravel/passport/pull/1794
[13.x] Make revoking refresh tokens optional by @hafezdivandari in https://github.com/laravel/passport/pull/1790
[13.x] Validate key files' permissions by @hafezdivandari in https://github.com/laravel/passport/pull/1789
[13.x] Determine if the client handles the specified grant by @hafezdivandari in https://github.com/laravel/passport/pull/1762
[13.x] Device Authorization Grant RFC8628 by @hafezdivandari in https://github.com/laravel/passport/pull/1750
[13.x] Release Passport 13.x by @hafezdivandari in https://github.com/laravel/passport/pull/1797

v12.4.2

[12.x] Update property annotation for $userId to match constructor type by @ukkok in https://github.com/laravel/passport/pull/1805

v12.4.1

Supports Laravel 12 by @crynobone in https://github.com/laravel/passport/pull/1803

v12.4.0

[12.x] Supports PHP 8.4 by @crynobone in https://github.com/laravel/passport/pull/1799

v12.3.1

Update logo to support dark/light theme by @milewski in https://github.com/laravel/passport/pull/1787
Fix repeated word "the" in upgrade guide by @caendesilva in https://github.com/laravel/passport/pull/1798

v12.3.0

[12.x] Add access token revoked event by @axlon in https://github.com/laravel/passport/pull/1776

v12.2.1

[12.x] Fix purge command by @hafezdivandari in https://github.com/laravel/passport/pull/1772

v12.2.0

[12.x] Add refreshToken relation to Token model by @gdebrauwer in https://github.com/laravel/passport/pull/1739

v12.1.0

[12.x] Make Passport's database connection configurable by @axlon in https://github.com/laravel/passport/pull/1738

v12.0.3

Adjust newFactory method visibility by @brandonfarber in https://github.com/laravel/passport/pull/1735

v12.0.2

[12.x] Make commands lazy by @timacdonald in https://github.com/laravel/passport/pull/1731
[12.x] Allow token "expires in" to be defined as date interval by @jacobmllr95 in https://github.com/laravel/passport/pull/1733

v12.0.1

[12.x] Cast session lifetime to int by @kindslayer in https://github.com/laravel/passport/pull/1727
[12.x] Fixes used version of L9 by @nunomaduro in https://github.com/laravel/passport/pull/1730

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

davejamesmiller/laravel-breadcrumbs

artisanry/parsedown

christhompsontldr/phpsdk

enqueue/dsn

bunny/bunny

enqueue/test

enqueue/null

enqueue/amqp-tools

milesj/emojibase

bower-asset/punycode

bower-asset/inputmask

bower-asset/jquery

bower-asset/yii2-pjax

laravel/nova

spatie/laravel-mailcoach

spatie/laravel-superseeder

laravel/liferaft

nst/json-test-suite

danielmiessler/sec-lists

jackalope/jackalope-transport