I’m developing a Laravel (v12) API-based backend. I want to implemented CSRF protection but I can’t figure out how It’s gonna be doing in Laravel version 12.x.
I read Laravel 12 CSRF protection document but it couldn’t help me.
So how can I use CSRF protection on Laravel 12 APIs?
I tried following way and it I got nothing (CSRF token is not required from server):
<?php
use IlluminateFoundationApplication;
use IlluminateFoundationConfigurationExceptions;
use IlluminateFoundationConfigurationMiddleware;
use IlluminateFoundationHttpMiddlewareVerifyCsrfToken;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
api: __DIR__.'/../routes/api.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware): void {
$middleware->validateCsrfTokens();
})
->withExceptions(function (Exceptions $exceptions): void {
//
})->create();
