Laravel 6 Passport CSRF token mismatch

2
votes

I've just created a fresh Laravel 6 project, installed the Passport functionality (Laravel Passport) and wanted to try it out. Now, in Postman I try to access the default route POST /oauth/clients, fill name and redirect arguments as expected.

At this point I'll get a "CSRF token mismatch" error, what could I be doing wrong here? I do know that this is pretty limited information to go on, ask away if more is needed.

Running the Laravel website with 'php artisan serve'.

Edit: Postman has Accept: Json/Application.

1
laravellaravel-passport
Remove \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class, from your middleware if you've added it and don't need it.D Malan
@DelenaMalan thank you, but I did not add it anywhere.Serellyn
What are you trying to achieve by using this route?thmspl

1 Answers

2
votes

Here are some possible solutions for you:

1) Add Content-Type: application/json to your postman request.

2) Try to reinstall the client certificates by executing the command php artisan passport:install.

3) The CSRF check can be disabled for configured urls as stated here.

So try to add the following code to the VerifyCsrfToken class:

protected $except = [
    'oauth/clients',
];

I hope that some of those solutions will solve your problem.