Passport: Getting Unauthenticated with a valid token

the same issue is there any solutions !!?

Unfortunately, no. I still having this problem.

I have the same problem. On a fresh installation.

If you are in Apache server, I guess this should help you as it works on mine :
Just add these lines on your .htaccess file :

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

as stated in this thread.

Hope that helps.

Can anyone help me with the nginx configuration?

Something to do with:
fastcgi_param HTTP_AUTHORIZATION $http_authorization;
in the fastcgi_params global or nginx.conf file to pass the auth. See more here:
https://stackoverflow.com/questions/46345676/rewrite-htaccess-to-nginx-with-http-authorization?rq=1

I'm using Laravel 5.6, this is my .htaccess file

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#    RewriteCond %{HTTP:Authorization} ^(.*)
#    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

Still has same problem

same here. Laravel 5.6 Literally tried every fix.

@wqj97 did you get a solution?

@MitchMilton
Yeah, I typed wrong token😂....

I'm having the same issue, with the same version of Laravel (5.6).
Any ideas?

I'm having the same issue with Laravel 5.6, Homestead 7.6m and nginx.
Has someone figured out a solution?

Unfortunately I did not find any solution and I left the thread but I will keep it open in case of any solution.

I have same problem

For me, I found that I had typed 'user' instead of 'users' for the provider in config/auth.php .
Your guards seem to be ok though.

tried so many fixes for _laravel 5.6_ but not working. anyone solved this yet?

What is the _actual_ error being thrown? People have mentioned they are getting 401's but is there any specific error message you are receiving as well? This would help narrow down the problem.

Same problem. But Im observable this happened app inside docker. The same laravel app, in same server but ousite directory, works fine. Who knows?

same problem

Same problem here, also on Laravel 5.6, valet, nginx

Checked my token at jwt.io, it's a valid token but the authentication fails at this line. https://github.com/lcobucci/jwt/blob/3.3/src/Parser.php#L94 Token expected containing 3 dots (parts) but the token contains 6 parts

Same Issue here with Laravel 5.6 and nginx with Docker. I tried this because it was the official package but I guess I will end on tymon/jwt-auth

Really no solution for this problem?
I am in the same situation.

Upgrading to the lastest version of Laravel (clean project) fixed my problem.

https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30

Cookie Serialization
Laravel 5.6.30 disables all serialization / unserialization of cookie values. Since all Laravel cookies are encrypted and signed, cookie values are typically considered safe from client tampering. However, if your application's encryption key is in the hands of a malicious party, that party could craft cookie values using the encryption key and exploit vulnerabilities inherent to PHP object serialization / unserialization, such as calling arbitary class methods within your application.

Disabling serialization on all cookie values will invalidate all of your application's sessions and users will need to log into the application again. In addition, any other encrypted cookies your application is setting will have invalid values. For this reason, you may wish to add additional logic to your application to validate that your custom cookie values match an expected list of values you expect; otherwise, you should discard them.

Configuring Cookie Serialization
Since this vulnerability is not able to be exploited without access to your application's encryption key, we have chosen to provide a way to re-enable encrypted cookie serialization while you make your application compatible with these changes. To enable / disable cookie serialization, you may change the static serialize property of the App\Http\Middleware\EncryptCookies middleware:

/**

• Indicates if cookies should be serialized.
  *
• @var bool
  */
  protected static $serialize = true;

Hi all, I had this problem too.
It happened to me after I updated laravel to 5.6.33 and passport, the problem was that I had an old cookie in my browser.

Removed the old cookie, logged in again and it works like a charm.

After last update to laravel 5.6.33 I'm receiving always 401 Unauthorized error.

Before this update everything was working.

I'm trying to use my API through axios with CreateFreshApiToken middleware.
I followed step by step guide from laravel doc to consume my api from javascript.

Login process works, but from authenticated web page ajax calls with axios receives always 401.

I deleted all cookies, but nothing.

Hi @ilvalerione try clearing caches in laravel with:
php artisan cache:clear
php artisan view:clear

Hello @nadj I forgot this option.

I tried just now also re-deleting all cookies from Chrome but it's still not working.

@ilvalerione check my comment above.

Oooh wow! It's working now!

I'm not a passport package expert, but If passport does not work without cookie serialization it could be necessary to include this configuration in the official passport doc.

In the meantime @a1tem @nadj really thanks for your support!

Thanks, @a1tem

Adding

/**
/* Indicates if cookies should be serialized.
/*
/* @var bool
 */
protected static $serialize = true;

in Http/Middleware/EncryptCookies.php fixed it for me.

If you changed your users id type publish passport migrations and update them with the new column type. #806

Thanks @a1tem , adding serialize = true fixed it for me.

Hello. I have faced the problem too and I will try to solve with @a1tem 's solution tonight.

However, there is a news about Malicious on serialize() and unserialize(). Is it connected to the function on this?

@a1tem 's solution for me didn't work. Laravel 5.6.33, Passport 7.0. I am trying to access via REST API software.

Hello,

If anyone is getting unauthenticated error when accessing API via JavaScript (axios, jQuery etc.) using laravel_token cookie then here is the solution.

Normally, JWT::decode method throws an exception which says 'Malformed UTF-8 Characters' when the static variable $unserializesCookies is false (default value).

Passport class has a static method called 'withCookieSerialization'.

So, in boot method of your AuthServiceProvider class you should call Passport::withCookieSerialization();

Regards.

Hello, i am facing same problem here i'm doing to access user profile details after logout and there is expired authrization token but hit the api i'm getting html response and im not handling error where i can send customize error and message to android developer.

I'm getting the same problem with Laravel 5.6. Tried the $serialize = true option but that made no difference. I can pass the token in the URL ?token=<token> and that works fine, but if I try and pass it as a Bearer in the authorization header I continually get token required errors. I have tried moving my Laravel app to apache but that also made no difference. I have also modified the .htaccess file in my public directory and again nothing. I'm out of ideas.

Hello,

If anyone is getting unauthenticated error when accessing API via JavaScript (axios, jQuery etc.) using laravel_token cookie then here is the solution.

Normally, JWT::decode method throws an exception which says 'Malformed UTF-8 Characters' when the static variable $unserializesCookies is false (default value).

Passport class has a static method called 'withCookieSerialization'.

So, in boot method of your AuthServiceProvider class you should call Passport::withCookieSerialization();

Regards.

Unauthenticated or Unauthorized?

Hi I went through the whole post, I am facing same issue with following config
"laravel/framework": "5.6.30",
"laravel/passport": "7.0",

@a1tem I followed what you suggested, no success same response "Unauthenticated"
my post https://stackoverflow.com/questions/52496543/laravel-5-6-passport-unauthenticated

public function __construct()
{
$this->middleware('auth');
}

/**

• Enforce middleware.
  */
  public function __construct()
  {
  $this->middleware('auth', ['only' => ['create', 'store', 'edit', 'delete']]);
  // Alternativly
  $this->middleware('auth', ['except' => ['index', 'show']]);
  }

Setting serialize=true worked for me. thanks @a1tem

Refering to the update docs setting serialize = true is not the best way.

https://laravel.com/docs/5.6/upgrade

You should instead use Passport with the withoutCookieSerialization() flag in AuthServiceProvider.

Hey everyone,

Like @a1tem said, there have been some changes to cookie serialization so make sure to clear caches and refresh your cookies to solve some of the problems.

Like @muhci said, there is support for disabling cookie serialization but it's undocumented. I'll send in a PR to the docs to document this config.

As for the server config issues with Apache & nginx: we cannot offer guidelines for every single situation. There have been issues about several situations int he past, please refer to the issue tracker for them for solutions or use one of the support channels for questions about them (Laracasts, Laravel.io, etc).

Please always make sure you're using the latest Laravel and Passport version.

As there have been much different issues in this thread, it's difficult to manage all of them here in one place. If you're experiencing a bug with something, feel free to first search if your problem has been reported before in the issue tracker and if not to create a separate issue with a detailed description of your problem.

Please refer to above answers to see if anything solves your problem.

Thanks for everyone who responded to this thread with answers and offering help. Much appreciated!

i am still getting the same error using Insomnia app to get the user data with 'Accept': 'application/json' and 'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciO....' (and this token was just created seconds ago)
what i tried so far:

• run composer update
• i added this code to the .htaccess file:
  RewriteEngine On RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
• i put this code inside Illuminate\Cookie\Middleware\EncryptCookies - protected static $serialize = true;

none of those worked for me

It turn out i am getting this error, because i am not using Postman the right way, lol! it should be with the Auth tab and i have been trying to do it with the Form tab.... silly mistake!

did any one has fixed this issue ?

Here's my setup:

Maybe some of the steps can help someone..
Please let me know if I did something wrong/insecure, I'm learning too.

_I have two separate projects in my Homestead_

• api.company.test : Laravel 5.7 and Passport 7.0
• app.company.test: @Vue/CLI 3 and axios 0.18

I did the following steps:

_I will not describe here what is already in the Laravel docs (Passport), just highlight the minimum I had to do to get authentication working, so please take a look at the docs for details._

api.company.test

• composer install
• php artisan migrate
• php artisan passport:install
• Add the Laravel\Passport\HasApiTokens trait to your App\User model.
• Forget all Passport routes and views stuff. For now you just want to authenticate your users and connect your App (client) to protected routes (auth:api).
• In your config/auth.php configuration file, change the api driver to passport.
• In the AppServiceProvider.php add Laravel\Passport\Passport::withCookieSerialization(); in the boot method.
• In the AuthServiceProvider.php add Laravel\Passport\Passport::personalAccessClientId('1'); in the boot method. Where "1" is the ID(pk) of the oauth_client table. The passport:install command generated the record so this ID represent your VueJs Application. Make sure to get the ID of the "Personal Access Client".
• You will need to implement CORS handling too. There's plenty of ways to do it. A quickly search and you will find.
• Insert a dummy User in the database (user table) using seeds or something else.

Create a dedicated LoginController (you can make it different according to your needs)

_routes/api.php_

Route::post('login', '\App\Http\Controllers\Auth\LoginController');

_LoginController.php_

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Features\UserModel;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    public function __invoke(Request $request)
    {
        if(Auth::attempt(['email' => $request->email, 'password' => $request->password])){ 
            $user = Auth::user(); 
            $success['token'] =  $user->createToken('access_token')->accessToken; 
            return response()->json([
                'data' => $success
            ], 200);
        } else { 
            return response()->json([
                'data' => 'API: Unauthorized Access'
            ], 401);
        } 
    }
}

app.company.test

_/src/main.js_

window.axios = require('axios')
window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest'
window.axios.defaults.headers.common['Content-Type'] = 'application/json'
window.axios.defaults.baseURL = (process.env.NODE_ENV !== 'production') ? 'http://api.company.test/api/' : 'http://api.company.test/api/'
Vue.prototype.$http = window.axios

Create a vue route for your login page and make a login form. Here's the script part of the Login.vue component

_/src/views/Login.vue_

<template></template>

<script>
export default {
    data() {
        return {
            form: {
                email: '[email protected]',
                password: 'secret',
                remember: false
            }
        }
    },
    methods: {
        login() {
            this.$http.post('login', this.form)
                .then((response) => {

                    let token = response.data.data.token

                    // Store the token in Vuex or Cookie.. or another secure location
                    // so you can retrieve it and attach again to the axios default headers 
                    // in case user hit F5 or close the browser.
                    // this.saveTheToken(token) 

                    this.$http.defaults.headers.common['Authorization'] = 'Bearer ' + token
                    this.$router.push('/dashboard')
                })
                .catch((err) => {
                    // email or password incorrect
                    console.error(err)
                })
        }
    }
}
<script>

_/src/views/Dashboard.vue_

<template></template>

<script>
export default {
    created() {

        // api.company.test/api/dashboard (protected route with auth:api middleware)
        // This request should have the Authorization header with the Baerer token attached to it

        this.$http.get('dashboard')
            .then(response => {
                // Should work
                console.log(response)
            })
    }
}
<script>

_Please forgive any grammar error (English is not my native language)_

@ezp127 do you find solution for above problem?

Hello @ezp127, I have released that server drop Authorization Header, you can check if your server accept Authorization Header or not.

Thanks

for me, I forgot to php artisan passport:install

U can try to put api/* inside $except=[] in _Http\Middleware\VerifyCsrfToken.php_
or Comment line \App\Http\Middleware\VerifyCsrfToken::class, in _Http\Kernel.php_

Hope this work for you

In my case, I had the auth middleware still set in the constructor of my Controller which was giving me the {"message": "Unauthenticated."} response. Removing the line, fixed it for me

routes/api.php

Route::get('/example-json', 'ExController@getExample')->middleware('scope:api-v1');

app/Http/Controllers/ExController.php

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

use Illuminate\Support\Facades\Auth;


class ExController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware(['auth']); // <------------ had to remove this
    }

//....

my best guess is that this is not an issue of the framework itself as it is actually working, but there is some problem in your personal codes itself, so best way for me is to write to stackoverflow

php artisan config:clear did the trick for me :joy:

@poncianodiego That seemed to do the trick for me, too. Thank you so much! 👍

Many thanks to you @poncianodiego. It works for me

By the way - I had this problem just after configuring Passport. The solution in my case was a simple

php artisan optimize:clear

After hours of searching and moving many lines of code:
php artisan config:clear
Works for me!

None of the things in the comments fixed this for me and I tried them all. I was following this guide. Any ideas?

It is possible that your current session had expired. Relogin and see if the error appears within 120 seconds which is the default setting in session.php.

Small tip: Make sure you are connecting to the right server with your token.

Double check you are connecting (e.g. with Postman) to the an API server that knows about the Bearer token that you just made in your browser (probably the same server as in the browser).

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

as this forum said, I add these lines to .htaccess file in my project but nothing happened! can anyone help me?

use it works for me

Authorization : Bearer oauth_access_tokens
content-type : application/json

The same issue still. Even in laravel 5.7

i fix it by refreshing my migrations php artisan migrate:refresh and then generate new clients
with php artisan passport:install , after this, you just need to create a new valid token

PS: but be careful, do not use php artisan migrate:refresh in production

really I do all those configurationss but I have the same error (laravel 5.8)

If you are in Apache server, I guess this should help you as it works on mine :
Just add these lines on your .htaccess file :

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

as stated in this thread.

Hope that helps.

If you are in Apache server, I guess this should help you as it works on mine :
Just add these lines on your .htaccess file :

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

as stated in this thread.

Hope that helps.

This works for me, I just added these line of codes. Thanks mate!!!!

send auth in ( authentication : bearer AuthCode)

On Thu, Aug 15, 2019 at 8:18 AM Richard Guevara notifications@github.com
wrote:

If you are in Apache server, I guess this should help you as it works on
mine :
Just add these lines on your .htaccess file :

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.)
RewriteRule . - [e=HTTP_AUTHORIZATION:%1]

as stated in this
https://laracasts.com/discuss/channels/laravel/laravel-passport-and-postman-gets-all-the-time-unauthorised/replies/332616
thread.

Hope that helps.

If you are in Apache server, I guess this should help you as it works on
mine :
Just add these lines on your .htaccess file :

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.)
RewriteRule . - [e=HTTP_AUTHORIZATION:%1]

as stated in this
https://laracasts.com/discuss/channels/laravel/laravel-passport-and-postman-gets-all-the-time-unauthorised/replies/332616
thread.

Hope that helps.

This works for me, I just added these line of codes. Thanks mate!!!!

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/laravel/passport/issues/452?email_source=notifications&email_token=AJFX4QLLQI53XUI7UD7T4CLQETDGVA5CNFSM4DVODAXKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4KXA6Q#issuecomment-521498746,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AJFX4QM4RMUZUGSOGCKSDULQETDGVANCNFSM4DVODAXA
.

After tried to login i am getting these info but when trying to retrieve logged user data using below access token showing unauthenticated.

[{
"token_type": "Bearer",
"expires_in": 86400,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjU3NDQxZTgyOGQzMTkzN2Y3ZDQwODY4MzY3ZDU1YmNmNDA0YTc3YjhlNGE3OGMyMmI2NDliM2FmOTMyODBiOWEyMDc0NGRmNjVkYmYxNjBmIn0.eyJhdWQiOiI0IiwianRpIjoiNTc0NDFlODI4ZDMxOTM3ZjdkNDA4NjgzNjdkNTViY2Y0MDRhNzdiOGU0YTc4YzIyYjY0OWIzYWY5MzI4MGI5YTIwNzQ0ZGY2NWRiZjE2MGYiLCJpYXQiOjE1NjYxNzYxNjksIm5iZiI6MTU2NjE3NjE2OSwiZXhwIjoxNTY2MjYyNTY5LCJzdWIiOiIxIiwic2NvcGVzIjpbIioiXX0.QvIc81D9eOMinxImtcPcOtlUhJIqYdge9n2geV3OdRdUTMyaxci4hXFzZzwLX1wDwoj-aK9f5klbD8SeCWUHhIz3Nkp-oy3HacUshGMhvLlCBdeyt0vtBw8m0mzSo-4YhV1B11z9RnuzrIWvDQPww5HVew9wxQ0sgp_K1MOSL9Hgz7xSCmgKy9ROmXjad6k1HGIwwHat4AUxyMqUmvsr7R-Kp_onMxXOUifH_quNJoDMeN4htltY2VYDCtH3RWE7QiC4_Z7tAYv1igSsolK-TvyZqAq7njXfyXfoZGYJHPdjtUzSulyFEg6raAEsuN1AHKuei7rb3nP_v2zTTWYIwK16lBsfRYZB0zrDk8AhpKNY-gQADGJAxbOX7WmYJaOrmovBoK4u7Ay5IzdvPhQV-fRIo4s4Lue40QlBs3KbodsXWHyA0j0bi80l3nCRX2GjDT9XwaHAuQDrYNuZoUo-H_LYJV4cbDH_CCcDX8kQhiB20nB8buM7z29ffngkLnqnz-5MBMpujVYf_NS0RvMIEqI_P8ADYyTvFSoUCsfdZTCNukfaXV7qsVxa9U4Q4ZfdySylDN4j7jf0vjAIWEAsIxSKWPm9lilAxmrvuIPAYquTzsCGhiaNXGOW9bclkJ1DSjzwpbE0hwwuily_eI0QnMpv6pi1vxE-FfNDbson6Co",
"refresh_token": "def502008193e351c7ae193442179050375cc75683a694a4016722cc958a86aede65ee4fe3ffe71e7b51e4ca52c5ad626fe98ae35d91690cb16d8523721837281982575791886e2a18793e1432e5ddd56a5f97e71de9e84168a4ec4e7a261788e167abc5fa7b848661557b56f516734c2d4de5f706202b58099f6cf3a41c8d63c4343a605160dc051e08a6d2db0ab6f8dc735ac1e4cac04622f72f79dd78cc8a6f4abfc738935d8e65e97030e523e27bfae840a67d5e278b1a87a0fb59e8209f5cfbd13c719ed57c8055c73bf8238c199b7f27ab89931a0fe2fd2b6dd158dc12851c3b9394f87551d4cb31a6af2a71aa3902e2f2852c909258b3dc422ffec591982c81007cf72c28c91e06175472bf46ef8d40180e3ce0d0906ca0f35bb3d9f0b07079349fe0f3c270abc58f6a1dc51f5bae7443b8adfe930898849a1b21f812fb76ffd0e44a94c84788c0663e65fbdae0d4ab0518866f5b94b30b4e56b3b9df4c56"
} ](url)

Could you send me details of what you are sending (also it's post or get)
And also the code if it's on live server plz send me link

On Mon, Aug 19, 2019, 6:00 AM MD MAHAMUDUR ZAMAN BHUYIAN <
[email protected]> wrote:

After tried to login i am getting these info but when trying to retrieve
logged user data using below access token showing unauthenticated.

{
"token_type": "Bearer",
"expires_in": 86400,
"access_token":
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjU3NDQxZTgyOGQzMTkzN2Y3ZDQwODY4MzY3ZDU1YmNmNDA0YTc3YjhlNGE3OGMyMmI2NDliM2FmOTMyODBiOWEyMDc0NGRmNjVkYmYxNjBmIn0.eyJhdWQiOiI0IiwianRpIjoiNTc0NDFlODI4ZDMxOTM3ZjdkNDA4NjgzNjdkNTViY2Y0MDRhNzdiOGU0YTc4YzIyYjY0OWIzYWY5MzI4MGI5YTIwNzQ0ZGY2NWRiZjE2MGYiLCJpYXQiOjE1NjYxNzYxNjksIm5iZiI6MTU2NjE3NjE2OSwiZXhwIjoxNTY2MjYyNTY5LCJzdWIiOiIxIiwic2NvcGVzIjpbIioiXX0.QvIc81D9eOMinxImtcPcOtlUhJIqYdge9n2geV3OdRdUTMyaxci4hXFzZzwLX1wDwoj-aK9f5klbD8SeCWUHhIz3Nkp-oy3HacUshGMhvLlCBdeyt0vtBw8m0mzSo-4YhV1B11z9RnuzrIWvDQPww5HVew9wxQ0sgp_K1MOSL9Hgz7xSCmgKy9ROmXjad6k1HGIwwHat4AUxyMqUmvsr7R-Kp_onMxXOUifH_quNJoDMeN4htltY2VYDCtH3RWE7QiC4_Z7tAYv1igSsolK-TvyZqAq7njXfyXfoZGYJHPdjtUzSulyFEg6raAEsuN1AHKuei7rb3nP_v2zTTWYIwK16lBsfRYZB0zrDk8AhpKNY-gQADGJAxbOX7WmYJaOrmovBoK4u7Ay5IzdvPhQV-fRIo4s4Lue40QlBs3KbodsXWHyA0j0bi80l3nCRX2GjDT9XwaHAuQDrYNuZoUo-H_LYJV4cbDH_CCcDX8kQhiB20nB8buM7z29ffngkLnqnz-5MBMpujVYf_NS0RvMIEqI_P8ADYyTvFSoUCsfdZTCNukfaXV7qsVxa9U4Q4ZfdySylDN4j7jf0vjAIWEAsIxSKWPm9lilAxmrvuIPAYquTzsCGhiaNXGOW9bclkJ1DSjzwpbE0hwwuily_eI0QnMpv6pi1vxE-FfNDbson6Co",
"refresh_token":
"def502008193e351c7ae193442179050375cc75683a694a4016722cc958a86aede65ee4fe3ffe71e7b51e4ca52c5ad626fe98ae35d91690cb16d8523721837281982575791886e2a18793e1432e5ddd56a5f97e71de9e84168a4ec4e7a261788e167abc5fa7b848661557b56f516734c2d4de5f706202b58099f6cf3a41c8d63c4343a605160dc051e08a6d2db0ab6f8dc735ac1e4cac04622f72f79dd78cc8a6f4abfc738935d8e65e97030e523e27bfae840a67d5e278b1a87a0fb59e8209f5cfbd13c719ed57c8055c73bf8238c199b7f27ab89931a0fe2fd2b6dd158dc12851c3b9394f87551d4cb31a6af2a71aa3902e2f2852c909258b3dc422ffec591982c81007cf72c28c91e06175472bf46ef8d40180e3ce0d0906ca0f35bb3d9f0b07079349fe0f3c270abc58f6a1dc51f5bae7443b8adfe930898849a1b21f812fb76ffd0e44a94c84788c0663e65fbdae0d4ab0518866f5b94b30b4e56b3b9df4c56"
}

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/laravel/passport/issues/452?email_source=notifications&email_token=AJFX4QOLUM26XFDGTT3CP4LQFHWDHA5CNFSM4DVODAXKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4RNIQQ#issuecomment-522376258,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AJFX4QN7NSK3G7YO6N2JB4DQFHWDHANCNFSM4DVODAXA
.

I think the problem in my server doesn't send Authorization header

Have u tested on localhost,
Are u trying postman for this testing

On Tue, Aug 20, 2019, 5:40 PM Salah Madih notifications@github.com wrote:

I think the problem in my server doesn't send Authorization header

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/laravel/passport/issues/452?email_source=notifications&email_token=AJFX4QP3XTWH3OVZHKSJP3TQFPQ23A5CNFSM4DVODAXKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4WENRA#issuecomment-522995396,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AJFX4QLX4BSDVGTDX7NOAZLQFPQ23ANCNFSM4DVODAXA
.

yes it working on localhost

Send me code I could try
And also use postman for live server testing I was also facing same problem

Hey everyone,

I'm locking this issue because it either has gone off-topic, become a dumping ground for things which shouldn't be in an issue tracker or is just too old. Please try to discuss things further on one of the below channels:

• Laracasts Forums
• Laravel.io Forums
• StackOverflow
• Discord
• Larachat
• IRC