Basically, I would like to give 3rd Party (few X companies) access to my resources using an API and I would like to know which Grant Type would be best suitable and why?
I have already implemented "Client Credential Grant Type" which seemed perfect as it is best used for Machine to Machine interaction and that's what I wanted to do, that is, give 3rd Party Company access using an API to fetch and send data, but the problem with this Grant Type is that, I am unable to make a link with Users Table because there is no user_id. so, It is not possible for me to keep track of which X company is sending or fetching data. Which makes me question if I am using the right Grant Type?
I have already followed first few steps from Laravel Passport Documentation (https://laravel.com/docs/7.x/passport) to setup Passport in my application and everything seems to be good.
Steps Followed
1. composer require laravel/passport
2. php artisan migrate
3. php artisan passport:install
4. add the Laravel\Passport\HasApiTokens trait to your App\User model.
5. call the Passport::routes method within the boot method of your AuthServiceProvider
6. Finally, in your config/auth.php configuration file, you should set the driver option of the api authentication guard to passport.
There are 4 types of clients:
1. php artisan passport:client --public (for SPA or JS application)
2. php artisan passport:client --client (for machine to machine)
3. php artisan passport:client --personal (for mobile applications)
4. php artisan passport:client --password (outdated)
Which is the right passport:client? and how to implement it?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire