InvalidArgumentException Auth driver [jwt] for guard [api] is not defined.

[yinkuzej]

Subject of the issue

Describe your issue here.

Your environment

Q	A
Bug?	yes
New Feature?	no
Framework	Laravel
Framework version	6.3.0
Package version	dev-develop
PHP version	7.2.4

Steps to reproduce

Hello I get this error after upgrading to laravel 6.3

my config/auth.php `<?php

return [

/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/

'defaults' => [
    'guard' => 'api',
    'passwords' => 'users',
],

/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],

    'api' => [
        'driver' => 'jwt',

// 'driver' => 'token', 'provider' => 'users', 'hash' => false, ], ],

/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\User::class,
    ],

    // 'users' => [
    //     'driver' => 'database',
    //     'table' => 'users',
    // ],
],

/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/

'passwords' => [
    'users' => [
        'provider' => 'users',
        'table' => 'password_resets',
        'expire' => 60,
    ],
],

]; `

my config/jwt.php `<?php

/*

• This file is part of jwt-auth.
• (c) Sean Tymon tymon148@gmail.com
• For the full copyright and license information, please view the LICENSE
• file that was distributed with this source code. */

return [

/*
|--------------------------------------------------------------------------
| JWT Authentication Secret
|--------------------------------------------------------------------------
|
| Don't forget to set this in your .env file, as it will be used to sign
| your tokens. A helper command is provided for this:
| `php artisan jwt:secret`
|
| Note: This will be used for Symmetric algorithms only (HMAC),
| since RSA and ECDSA use a private/public key combo (See below).
|
*/

'secret' => env('JWT_SECRET'),

/*
|--------------------------------------------------------------------------
| JWT Authentication Keys
|--------------------------------------------------------------------------
|
| The algorithm you are using, will determine whether your tokens are
| signed with a random string (defined in `JWT_SECRET`) or using the
| following public & private keys.
|
| Symmetric Algorithms:
| HS256, HS384 & HS512 will use `JWT_SECRET`.
|
| Asymmetric Algorithms:
| RS256, RS384 & RS512 / ES256, ES384 & ES512 will use the keys below.
|
*/

'keys' => [

    /*
    |--------------------------------------------------------------------------
    | Public Key
    |--------------------------------------------------------------------------
    |
    | A path or resource to your public key.
    |
    | E.g. 'file://path/to/public/key'
    |
    */

    'public' => env('JWT_PUBLIC_KEY'),

    /*
    |--------------------------------------------------------------------------
    | Private Key
    |--------------------------------------------------------------------------
    |
    | A path or resource to your private key.
    |
    | E.g. 'file://path/to/private/key'
    |
    */

    'private' => env('JWT_PRIVATE_KEY'),

    /*
    |--------------------------------------------------------------------------
    | Passphrase
    |--------------------------------------------------------------------------
    |
    | The passphrase for your private key. Can be null if none set.
    |
    */

    'passphrase' => env('JWT_PASSPHRASE'),

],

/*
|--------------------------------------------------------------------------
| JWT time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token will be valid for.
| Defaults to 1 hour.
|
| You can also set this to null, to yield a never expiring token.
| Some people may want this behaviour for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
| Notice: If you set this to null you should remove 'exp' element from 'required_claims' list.
|
*/

// 'ttl' => env('JWT_TTL', 60), 'ttl' => null,

/*
|--------------------------------------------------------------------------
| Refresh time to live
|--------------------------------------------------------------------------
|
| Specify the length of time (in minutes) that the token can be refreshed
| within. I.E. The user can refresh their token within a 2 week window of
| the original token being created until they must re-authenticate.
| Defaults to 2 weeks.
|
| You can also set this to null, to yield an infinite refresh time.
| Some may want this instead of never expiring tokens for e.g. a mobile app.
| This is not particularly recommended, so make sure you have appropriate
| systems in place to revoke the token if necessary.
|
*/

'refresh_ttl' => env('JWT_REFRESH_TTL', 20160),

/*
|--------------------------------------------------------------------------
| JWT hashing algorithm
|--------------------------------------------------------------------------
|
| Specify the hashing algorithm that will be used to sign the token.
|
| See here: https://github.com/namshi/jose/tree/master/src/Namshi/JOSE/Signer/OpenSSL
| for possible values.
|
*/

'algo' => env('JWT_ALGO', 'HS256'),

/*
|--------------------------------------------------------------------------
| Required Claims
|--------------------------------------------------------------------------
|
| Specify the required claims that must exist in any token.
| A TokenInvalidException will be thrown if any of these claims are not
| present in the payload.
|
*/

'required_claims' => [
    'iss',
    'iat',

// 'exp', 'nbf', 'sub', 'jti', ],

/*
|--------------------------------------------------------------------------
| Persistent Claims
|--------------------------------------------------------------------------
|
| Specify the claim keys to be persisted when refreshing a token.
| `sub` and `iat` will automatically be persisted, in
| addition to the these claims.
|
| Note: If a claim does not exist then it will be ignored.
|
*/

'persistent_claims' => [
    // 'foo',
    // 'bar',
],

/*
|--------------------------------------------------------------------------
| Lock Subject
|--------------------------------------------------------------------------
|
| This will determine whether a `prv` claim is automatically added to
| the token. The purpose of this is to ensure that if you have multiple
| authentication models e.g. `App\User` & `App\OtherPerson`, then we
| should prevent one authentication request from impersonating another,
| if 2 tokens happen to have the same id across the 2 different models.
|
| Under specific circumstances, you may want to disable this behaviour
| e.g. if you only have one authentication model, then you would save
| a little on token size.
|
*/

'lock_subject' => true,

/*
|--------------------------------------------------------------------------
| Leeway
|--------------------------------------------------------------------------
|
| This property gives the jwt timestamp claims some "leeway".
| Meaning that if you have any unavoidable slight clock skew on
| any of your servers then this will afford you some level of cushioning.
|
| This applies to the claims `iat`, `nbf` and `exp`.
|
| Specify in seconds - only if you know you need it.
|
*/

'leeway' => env('JWT_LEEWAY', 0),

/*
|--------------------------------------------------------------------------
| Blacklist Enabled
|--------------------------------------------------------------------------
|
| In order to invalidate tokens, you must have the blacklist enabled.
| If you do not want or need this functionality, then set this to false.
|
*/

'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', false),

/*
| -------------------------------------------------------------------------
| Blacklist Grace Period
| -------------------------------------------------------------------------
|
| When multiple concurrent requests are made with the same JWT,
| it is possible that some of them fail, due to token regeneration
| on every request.
|
| Set grace period in seconds to prevent parallel request failure.
|
*/

'blacklist_grace_period' => env('JWT_BLACKLIST_GRACE_PERIOD', 0),

/*
|--------------------------------------------------------------------------
| Cookies encryption
|--------------------------------------------------------------------------
|
| By default Laravel encrypt cookies for security reason.
| If you decide to not decrypt cookies, you will have to configure Laravel
| to not encrypt your cookie token by adding its name into the $except
| array available in the middleware "EncryptCookies" provided by Laravel.
| see https://laravel.com/docs/master/responses#cookies-and-encryption
| for details.
|
| Set it to true if you want to decrypt cookies.
|
*/

'decrypt_cookies' => false,

/*
|--------------------------------------------------------------------------
| Providers
|--------------------------------------------------------------------------
|
| Specify the various providers used throughout the package.
|
*/

'providers' => [

    /*
    |--------------------------------------------------------------------------
    | JWT Provider
    |--------------------------------------------------------------------------
    |
    | Specify the provider that is used to create and decode the tokens.
    |
    */

    'jwt' => Tymon\JWTAuth\Providers\JWT\Lcobucci::class,

    /*
    |--------------------------------------------------------------------------
    | Authentication Provider
    |--------------------------------------------------------------------------
    |
    | Specify the provider that is used to authenticate users.
    |
    */

    'auth' => Tymon\JWTAuth\Providers\Auth\Illuminate::class,

    /*
    |--------------------------------------------------------------------------
    | Storage Provider
    |--------------------------------------------------------------------------
    |
    | Specify the provider that is used to store tokens in the blacklist.
    |
    */

    'storage' => Tymon\JWTAuth\Providers\Storage\Illuminate::class,

],

];

` Error shown https://i.imgur.com/A2cCf22.png

Actual behaviour

https://i.imgur.com/A2cCf22.png

[wilcorrea]

+1

[wilcorrea]

In my case if I change

...
'defaults' => [
    'guard' => 'api',
...

to framework's default (as below) it works

...
'defaults' => [
    'guard' => 'web',
...

Now I'm testing to look if the changes crash anything

[vishytk]

I am creating auth/usermanagement code as Laravel package using Orchestra/TestBench and I get the same error when I run test in the package tree.

Tests run fine when I run them inside a separate Laravel tree (containing my package).

[vishytk]

I am creating auth/usermanagement code as Laravel package using Orchestra/TestBench and I get the same error when I run test in the package tree.

Tests run fine when I run them inside a separate Laravel tree (containing my package).

Error when test run inside the package tree.

pf user_can_login_with_valid_credentials PHPUnit 8.4.3 by Sebastian Bergmann and contributors.

Illuminate\Foundation\Testing\TestResponse^ {#1186 +baseResponse: Illuminate\Http\Response^ {#1216 +headers: Symfony\Component\HttpFoundation\ResponseHeaderBag^ {#1217

computedCacheControl: array:2 [

    "no-cache" => true
    "private" => true
  ]
  #cookies: []
  #headerNames: array:3 [
    "cache-control" => "Cache-Control"
    "date" => "date"
    "content-type" => "Content-Type"
  ]
  #headers: array:3 [
    "cache-control" => array:1 [
      0 => "no-cache, private"
    ]
    "date" => array:1 [
      0 => "Thu, 07 Nov 2019 12:52:02 GMT"
    ]
    "content-type" => array:1 [
      0 => "text/html; charset=UTF-8"
    ]
  ]
  #cacheControl: array:2 [
    "no-cache" => true
    "private" => true
  ]
}
#content: """
  <!DOCTYPE html>\n
  <html lang="en">\n
      <head>\n
          <meta charset="utf-8">\n
          <meta name="viewport" content="width=device-width, initial-scale=1">\n
  \n
          <title>Server Error</title>\n
  \n
          <!-- Fonts -->\n
          <link rel="dns-prefetch" href="//fonts.gstatic.com">\n
          <link href="https://fonts.googleapis.com/css?family=Nunito" rel="stylesheet">\n
  \n
          <!-- Styles -->\n
          <style>\n
              html, body {\n
                  background-color: #fff;\n
                  color: #636b6f;\n
                  font-family: 'Nunito', sans-serif;\n
                  font-weight: 100;\n
                  height: 100vh;\n
                  margin: 0;\n
              }\n
  \n
              .full-height {\n
                  height: 100vh;\n
              }\n
  \n
              .flex-center {\n
                  align-items: center;\n
                  display: flex;\n
                  justify-content: center;\n
              }\n
  \n
              .position-ref {\n
                  position: relative;\n
              }\n
  \n
              .code {\n
                  border-right: 2px solid;\n
                  font-size: 26px;\n
                  padding: 0 15px 0 15px;\n
                  text-align: center;\n
              }\n
  \n
              .message {\n
                  font-size: 18px;\n
                  text-align: center;\n
              }\n
          </style>\n
      </head>\n
      <body>\n
          <div class="flex-center position-ref full-height">\n
              <div class="code">\n
                  500            </div>\n
  \n
              <div class="message" style="padding: 10px;">\n
                  Server Error            </div>\n
          </div>\n
      </body>\n
  </html>\n
  """
#version: "1.1"
#statusCode: 500
#statusText: "Internal Server Error"
#charset: null
+original: """
  <!DOCTYPE html>\n
  <html lang="en">\n
      <head>\n
          <meta charset="utf-8">\n
          <meta name="viewport" content="width=device-width, initial-scale=1">\n
  \n
          <title>Server Error</title>\n
  \n
          <!-- Fonts -->\n
          <link rel="dns-prefetch" href="//fonts.gstatic.com">\n
          <link href="https://fonts.googleapis.com/css?family=Nunito" rel="stylesheet">\n
  \n
          <!-- Styles -->\n
          <style>\n
              html, body {\n
                  background-color: #fff;\n
                  color: #636b6f;\n
                  font-family: 'Nunito', sans-serif;\n
                  font-weight: 100;\n
                  height: 100vh;\n
                  margin: 0;\n
              }\n
  \n
              .full-height {\n
                  height: 100vh;\n
              }\n
  \n
              .flex-center {\n
                  align-items: center;\n
                  display: flex;\n
                  justify-content: center;\n
              }\n
  \n
              .position-ref {\n
                  position: relative;\n
              }\n
  \n
              .code {\n
                  border-right: 2px solid;\n
                  font-size: 26px;\n
                  padding: 0 15px 0 15px;\n
                  text-align: center;\n
              }\n
  \n
              .message {\n
                  font-size: 18px;\n
                  text-align: center;\n
              }\n
          </style>\n
      </head>\n
      <body>\n
          <div class="flex-center position-ref full-height">\n
              <div class="code">\n
                  500            </div>\n
  \n
              <div class="message" style="padding: 10px;">\n
                  Server Error            </div>\n
          </div>\n
      </body>\n
  </html>\n
  """
+exception: InvalidArgumentException {#1190
  #message: "Auth driver [jwt] for guard [api] is not defined."
  #code: 0
  #file: "./vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php"
  #line: 97
  trace: {
    ./vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php:97 { …}
    ./vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php:68 { …}
    ./vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php:54 { …}
    Illuminate\Auth\AuthManager->Illuminate\Auth\{closure}() {}
    ./vendor/laravel/framework/src/Illuminate/Auth/AuthServiceProvider.php:84 { …}
    Illuminate\Auth\AuthServiceProvider->Illuminate\Auth\{closure}() {}
    ./vendor/laravel/framework/src/Illuminate/Http/Request.php:517 { …}
    ./vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php:97 { …}
    ./vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php:49 { …}
    ./vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:171 { …}
    ./vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:105 { …}
    ./vendor/laravel/framework/src/Illuminate/Routing/Router.php:682 { …}
    ./vendor/laravel/framework/src/Illuminate/Routing/Router.php:657 { …}
    ./vendor/laravel/framework/src/Illuminate/Routing/Router.php:623 { …}
    ./vendor/laravel/framework/src/Illuminate/Routing/Router.php:612 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php:176 { …}
    ./vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:130 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php:21 { …}
    ./vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:171 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php:21 { …}
    ./vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:171 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php:27 { …}
    ./vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:171 { …}
    ./vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php:105 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php:151 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php:116 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php:434 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php:252 { …}
    ./tests/Feature/AuthTest.php:29 {
      ›     'username' => $user->username,
      ›     'password' => $password,
      › ]));
      arguments: {
        $uri: "http://localhost/auth/login?username=admin&password=secret"
      }
    }
    ./vendor/phpunit/phpunit/src/Framework/TestCase.php:1400 { …}
    ./vendor/phpunit/phpunit/src/Framework/TestCase.php:1020 { …}
    ./vendor/phpunit/phpunit/src/Framework/TestResult.php:691 { …}
    ./vendor/phpunit/phpunit/src/Framework/TestCase.php:752 { …}
    ./vendor/phpunit/phpunit/src/Framework/TestSuite.php:569 { …}
    ./vendor/phpunit/phpunit/src/Framework/TestSuite.php:569 { …}
    ./vendor/phpunit/phpunit/src/Framework/TestSuite.php:569 { …}
    ./vendor/phpunit/phpunit/src/TextUI/TestRunner.php:616 { …}
    /home/vishy/.config/composer/vendor/phpunit/phpunit/src/TextUI/Command.php:200 { …}
    /home/vishy/.config/composer/vendor/phpunit/phpunit/src/TextUI/Command.php:159 { …}
    /home/vishy/.config/composer/vendor/phpunit/phpunit/phpunit:61 { …}
  }
}

}

streamedContent: null

}

[vishytk]

I am creating auth/usermanagement code as Laravel package using Orchestra/TestBench and I get the same error when I run test in the package tree.

Tests run fine when I run them inside a separate Laravel tree (containing my package).

When same test run inside Laravel tree instead:

pf user_can_login_with_valid_credentials PHPUnit 8.4.3 by Sebastian Bergmann and contributors.

Illuminate\Foundation\Testing\TestResponse^ {#404 +baseResponse: Illuminate\Http\JsonResponse^ {#1302

data: "{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL2F1dGhcL2xvZ2luIiwiaWF0IjoxNTczMTMwODcwLCJleHAiOjE1NzMxNzQwNzAsIm5iZiI6MTU3MzEzMDg3MCwianRpIjoid2hQZlhJOWxLOXdiRkVmNCIsInN1YiI6MSwicHJ2IjoiOTFiNWMwNjAyNTdiYzE3MTE3OGRhZTlhYTY0NjQ2MzA0OGI4YzMwMyJ9.W8JPaIzcIm2Ij_Z7kHvFqa32J4A2yxBU2OGM4LwkVR0","token_type":"bearer","expires_in":43200}"

#callback: null
#encodingOptions: 0
+headers: Symfony\Component\HttpFoundation\ResponseHeaderBag^ {#1303
  #computedCacheControl: array:2 [
    "no-cache" => true
    "private" => true
  ]
  #cookies: []
  #headerNames: array:5 [
    "cache-control" => "Cache-Control"
    "date" => "Date"
    "content-type" => "Content-Type"
    "x-ratelimit-limit" => "X-RateLimit-Limit"
    "x-ratelimit-remaining" => "X-RateLimit-Remaining"
  ]
  #headers: array:5 [
    "cache-control" => array:1 [
      0 => "no-cache, private"
    ]
    "date" => array:1 [
      0 => "Thu, 07 Nov 2019 12:47:50 GMT"
    ]
    "content-type" => array:1 [
      0 => "application/json"
    ]
    "x-ratelimit-limit" => array:1 [
      0 => 60
    ]
    "x-ratelimit-remaining" => array:1 [
      0 => 59
    ]
  ]
  #cacheControl: []
}
#content: "{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL2F1dGhcL2xvZ2luIiwiaWF0IjoxNTczMTMwODcwLCJleHAiOjE1NzMxNzQwNzAsIm5iZiI6MTU3MzEzMDg3MCwianRpIjoid2hQZlhJOWxLOXdiRkVmNCIsInN1YiI6MSwicHJ2IjoiOTFiNWMwNjAyNTdiYzE3MTE3OGRhZTlhYTY0NjQ2MzA0OGI4YzMwMyJ9.W8JPaIzcIm2Ij_Z7kHvFqa32J4A2yxBU2OGM4LwkVR0","token_type":"bearer","expires_in":43200}"
#version: "1.1"
#statusCode: 200
#statusText: "OK"
#charset: null
+original: array:3 [
  "access_token" => "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL2F1dGhcL2xvZ2luIiwiaWF0IjoxNTczMTMwODcwLCJleHAiOjE1NzMxNzQwNzAsIm5iZiI6MTU3MzEzMDg3MCwianRpIjoid2hQZlhJOWxLOXdiRkVmNCIsInN1YiI6MSwicHJ2IjoiOTFiNWMwNjAyNTdiYzE3MTE3OGRhZTlhYTY0NjQ2MzA0OGI4YzMwMyJ9.W8JPaIzcIm2Ij_Z7kHvFqa32J4A2yxBU2OGM4LwkVR0"
  "token_type" => "bearer"
  "expires_in" => 43200
]
+exception: null

}

streamedContent: null

}

[Moustafa22]

I encountered the same issue, Basically, this issue is showing because JWT is not compatible with Laravel 6.3 and there is changes in Middlewares' flow of events.

So after tracing the error, I found a temp solution you can use while they are releasing 6.3 compatible release.

The main issue here is in config/auth.php setting the default guard to api while its' driver is not defined.

to solve this change as follow:

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],
    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'jwt',
            ...

And refresh your cache php artisan config:cac

This will cause an error in AuthController (as in the documentation) Method Illuminate\Auth\SessionGuard::factory does not exist, ignore it and complete your controller.

Follow the documentation carefully. then to solve the error, after finishing the controller just use this guard function

    public function guard()
    {
        return Auth::guard('api');
    }

Or if you're not following the documentation just use this guard

    Auth::guard('api')->attempt([...])

Somehow, the JWT driver is now defined !!

[anrei0000]

I seem to have this issue as well with laravel/framework v6.18.13.

My workaround works like this:

• set web default guard in config/auth.php

  'defaults' => [
      'guard' => 'web',
      'passwords' => 'users',
  ],

• create a new middleware UseApiGuard.php with this handle method:

  public function handle($request, Closure $next)
  {
      Auth::shouldUse('api');
  
      return $next($request);
  }

• attach that middleware in the api middleware group in app/Http/Kernel.php

  protected $middlewareGroups
      = [
          ...
          'api' => [
                    UseApiGuard::class,
                    ...
           ]]

• use the api middleware to protect my routes

  
  Route::group([
  
  'middleware' => 'api'], fuction ($router){
            ...
  });

[totymedli]

For me this happened after I upgraded to Laravel 7. According to the upgrade guide App\Exceptions\Handler now uses Throwable instead of Exception. If you have traits used in this handler, update those too.

[AbdulrazakZakieh]

I solved the problem by adding this line to app.php in config folder to the providers: ` 'providers' => [

    /*
     * Laravel Framework Service Providers...
     */
    // ......
   Tymon\JWTAuth\Providers\LaravelServiceProvider::class,

] and this is my auth.php content: 'defaults' => [ 'guard' => 'web', 'passwords' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api_customer' => [ 'driver' => 'jwt', 'provider' => 'api_customer', ], // .... `