Laravel 8: Using Fortify in APIs

Just set 'Accept' header with 'application/json' or 'application/javascript' then fortify will response json formatted body not redirection.

by the way, use Sanctum instead of Passport for SPA is easier to keep token securely. google about where to store API token for SPA then you will find out why.


Authentication can either be Session-based or Token-based.

Laravel Fortify only provides the backend logic nessecery for session-based authentication and therefore is not intended for token-based API authentication.

If you need token-based API authentication, you can use either Sanctum or Passport depending on your needs. But You'll have to write a bit of code, in either case.

If you decide to go with Laravel Passport, I have a boilerplate project that might be of use: https://github.com/pktharindu/laravel-api-boilerplate-passport