I've got an external app that sends requests to my Laravel API with the machine to machine authentication set up. For some reason the system works on my dev environment but as soon as i go to production the requests get returned with 401 errors.
The external app carries an authentication token which it gets from my Laravel app before every request so it should be authenticated correctly
For reference, here is the .htaccess file I use in case something is wrong with it.
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
This is the code I use in my external app to get the token from my API, I know this code works as I can see a valid token generated in subsequent requests
async function getToken() {
var data = {
'grant_type': 'client_credentials',
'client_id': process.env.CLIENT_ID,
'client_secret': process.env.CLIENT_SECRET
};
const token = await axios.post(`${process.env.REQUEST_URL}oauth/token`, data)
.then(function(response) {
return response.data['access_token'];
});
return token;
}