Learn how to build and secure an API with Laravel.

Getting Started

In this tutorial, you’ll learn how to create a simple Laravel API and add authorization to it using  Auth0. You can find the final code in this  GitHub repository.

👋 If you already have a Laravel API that you want to secure, you can go ahead and skip to the  “Secure your Laravel API” section.


This tutorial uses the latest version of Laravel at the time of writing (v8). I will assume you have some basic knowledge of Laravel. If you’re new to Laravel,  Build a Laravel CRUD Application with Authentication may be a better primer for you!

You’ll also need the following:

  • Composer
  • PHP >= 7.3
  • A  free Auth0 account

What you’ll build

You’ll be building a simple API with a single /comment resource. The API should allow anyone to view comments. However, only authorized users should be able to create, update, or delete a comment.

Public endpoints:

  • GET /comments - Return all comments
  • GET /comments/{id} - Return the comment with the specified id

Private endpoints:

  • POST /comments - Add a new comment
  • PUT /comments/{id} - Update the comment with the specified id
  • DELETE /comments/{id} - Delete the comment with the specified id


Build and Secure A Laravel API with JWTs
1.45 GEEK