Question 1

Is ApiGuard still maintained for Laravel?

Accepted Answer

No, ApiGuard is no longer maintained. The README clearly states that Laravel 5.8+ has built-in API authentication, and Laravel Sanctum is the recommended alternative for newer versions.

Question 2

How do I generate an API key with ApiGuard?

Accepted Answer

Use the Artisan command `php artisan api-key:generate` or link it to a model with options like `--id=1 --type='App\User'`. The README provides step-by-step examples for both basic and polymorphic key generation.

Question 3

ApiGuard vs Laravel Sanctum: which should I use?

Accepted Answer

For modern Laravel projects, Sanctum is superior as it's officially maintained, supports API tokens and SPA authentication, and integrates better with Laravel's ecosystem. ApiGuard is only suitable for legacy systems on older Laravel versions.

Question 4

Can ApiGuard handle JSON Web Tokens (JWT)?

Accepted Answer

No, ApiGuard is designed specifically for API key authentication. For JWT support, you would need a dedicated package like tymon/jwt-auth or use Laravel Passport for OAuth-based token authentication.

Question 5

How to secure API routes using ApiGuard middleware?

Accepted Answer

Attach the `auth.apikey` middleware to your routes in Laravel's route files, such as in routes/api.php. The README shows examples like `Route::middleware(['auth.apikey'])->get(...)` for quick protection.

Question 6

Is ApiGuard compatible with Laravel 8 or 9?

Accepted Answer

ApiGuard was last updated for Laravel 5.3 to 5.5. Using it with Laravel 8 or 9 is not recommended and may cause conflicts, as Laravel has introduced significant changes and native authentication solutions since then.

ApiGuard

What is ApiGuard?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions