When doing a SPA application, if the request API interface returns 401, and it is invalid after setting according to https://laravel.com/docs/5.5/passport#consuming-your-api-with-javascript, then you can refer to here
App\Providers\AuthServiceProviderYou should have to follow the tutorial in the configuration Passport::routes(), add the following in his line Passport::$ignoreCsrfToken = true;this time you find a properly.
Yes Passport closes CSRF verification is closed separately.
