Laravel Passport

MM Auth's implementation of OAuth2 is powered by Laravel Passport.

Token Types

Three types of access token are supported:

Password Grant Tokens

The OAuth2 password grant allows first-party clients (such as a mobile application) to obtain an access token using an e-mail address and password instead of requiring users to go through the OAuth2 authorization code redirect flow (i.e. Hosted Login).

Creating A Password Grant Client

Before MM Auth can issue tokens via the password grant, you will need to create a password grant client. This is done on the command line using the passport:client command with the --password option. Each mobile app should be registered as a seperate client.


Register a user by providing their name, email address, password and password confirmation. On success, a Bearer token will be returned.


Login a user using their email address and password. On success, a Bearer token will be returned.

Get User

Retreive user's profile by providing their Bearer token.


Logout a user and cancel their Bearer token.

API Tester