A RESTful API starter pack for Laravel 5 with OAuth2.

v1.0.3 2016-02-08 10:53 UTC

This package is not auto-updated.

Last update: 2023-01-21 09:50:41 UTC


Latest Stable Version Total Downloads Latest Unstable Version License Codacy Badge

Based on francescomalatesta/laravel-api-boilerplate-jwt

Laravel API Boilerplate is a ready-to-use "starting pack" that you can use to build your first API in seconds. As you can easily imagine, it is built on top of the awesome Laravel Framework.

It also benefits from three pacakages:

With a similar foundation is really easy to get up and running in no time. I just made an "integration" work, adding here and there something that I found useful.


  • composer create-project muhammadshakeel/laravel-api-boilerplate-oauth your-project
  • cd your-project
  • php -r "copy('.env.example', '.env');"
  • php artisan key:generate
  • chmod -R 777 storage/ bootstrap/cache/
  • php artisan vendor:publish
  • php artisan migrate
  • php artisan db:seed --class=ClientTableSeeder


Main Features

A Ready-To-Use AuthController

I've put an "AuthController" in App\Api\V1\Controllers. It supports the four basic authentication/password recovery operations:

  • login();
  • signup();
  • recovery();
  • reset();

In order to work with them, you just have to make a POST request with the required data.

You will need:

  • login: just email and password;
  • signup: whatever you like: you can specify it in the config file;
  • recovery: just the user email address;
  • reset: token, email, password and password confirmation;

A Separate File for Routes

You can specify your routes in the *api_routes.php_ file, that will be automatically loaded. In this file you will find many examples of routes.


As I already told before, this boilerplate is based on dingo/api and lucadegasperi/oauth2-server-laravel packages. So, you can find many informations about configuration here and here.

However, there are some extra options that I placed in a config/boilerplate.php file.

  • signup_fields: you can use this option to specify what fields you want to use to create your user;
  • signup_fields_rules: you can use this option to specify the rules you want to use for the validator instance in the signup method;
  • signup_token_release: if "true", an access token will be released from the signup endpoint if everything goes well. Otherwise, you will just get a 201 Created response;
  • reset_token_release: if "true", an access token will be released from the signup endpoint if everything goes well. Otherwise, you will just get a 200 response;
  • recovery_email_subject: here you can specify the subject for your recovery data email;

Creating Endpoints

You can create endpoints in the same way you could to with using the single dingo/api package. You can read its documentation for details.

After all, that's just a boilerplate! :)


I currently removed the VerifyCsrfToken middleware from the $middleware array in app/Http/Kernel.php file. If you want to use it in your project, just use the route middleware csrf you can find, in the same class, in the $routeMiddleware array.


I currently made this project for personal purposes. I decided to share it here to help anyone with the same needs. If you have any feedback to improve it, feel free to make a suggestion, or open a PR!