Reputation: 67
understanding Laravel API and API authentication (Passport)!
I am building a wep app (a website) project using Laravel.
I want to build a native mobile app version of it in the future. I know I need to make RESTful APIs routes for the mobile app to consume by users, but I also want the web app to consume the same RESTful APIs routes. I will be using Laravel API authentication (Passport) which will provides a full OAuth2 server.
I am struggling to understand the OAuth2 workflow here, who is:
- Resource Owner
- Resource Server
- Client
- Authorization Server
and how can I make the the (web app) consume its own RESTful APIs?
Upvotes: 0
Views: 414
Answers (1)
Reputation: 349
In order to have it clear in your mind you need to translate each one to more understandable terms:
- Resource Owner is the USER
- Resource Server & Authorisation Server is the API
- Client is the APPLICATION
The process is the following and it is really simple:
APPLICATION (Client) makes and Authorisation Request with a valid USER (Resource Owner)
API (Authorisation Server) replies with a token
APPLICATION (Client) tries to access API (Resource Server) passing the token for authentication
You can check this page for more detailed information.
Upvotes: 0
Related Questions
- How to Implement OAuth correctly in API with Laravel Passport?
- How to Use Laravel Passport Token System
- Confusing how Laravel passport API security works
- Laravel Passport 401 following documentation
- laravel passport api authentication
- Laravel Passport Authenticate User To Access API Data
- Typical auth process with laravel passport
- Can i auth with api with auth structure of laravel?
- Laravel 5.5 - Laravel Passport Correct Grant Type To Use?
- Laravel Passport client_credentials