Build a JWT Authenticated API with Lumen(v5.8)

Ndifreke Friday on August 24, 2019

In this tutorial, we will be using lumen; a super-fast micro-framework by laravel to build a simple and secure REST API. At the end of this tutoria... [Read Full]
markdown guide

getting this error after install jwt

php artisan jwt:secret

There are no commands defined in the "jwt" namespace.


Had the same issue.

following the docs here jwt-auth.readthedocs.io/en/develop...
especially the chapter Bootstrap file changes fixed the issue

Add the following snippet to the bootstrap/app.php file under the providers section as follows:

// Uncomment this line

// Add this line

Please check to make sure tymon/jwt-auth installed successfully

Also type php artisan to see available commands.

Keep me posted on your progress.


Side note: the command jwt:secret updates your .env file with something like JWT_SECRET=secretkeystring.

"It is the key that will be used to sign your tokens. How that happens exactly will depend on the algorithm that you choose to use."

Hi Ndifreke,
can you explain how to publish jwt library also need to token expire time and refresh token. thank you in advance.

php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"

The above command publishes the JWTAuth Package. Here's this thing, the vendor:publish command is not available in lumen.
You can try using third party packages to pull this in ( github.com/laravelista/lumen-vendo... )

For managing expiration time and refreshing tokens, this link should help out; jwt-auth.readthedocs.io/en/develop...

Hi Ndifreke,
Thanks for reply. one more thing I need if you help me. you have any example for lumen with vue also include in jwt token use.


you might want to also add

use Illuminate\Support\Facades\Auth;

when you add respondWithToken to app/Http/Controllers/Controller.php (Lumin 6+)


This is key.

I was followed step by step your tutorial, writing the code by myself (i mean, without clone your github project) and without this line (thanks @cleathley ) an error appears.

I think you should edit your post and add that line after you explain this:
«Add a global respondWithToken method to Controller class»

Anyway, great tutorial. It help me a lot!!


I'm glad it helped 👍

I will update the post, so new readers don't run into this same error.


Thanks For this, I will update the tutorial to help people not encounter this error in the future.


First of all great tutorial, thanks a lot for all your efforts dude, I've a question, how can I set a remember me system with JWT token ? And also, how to increase expiration duration from the config file (config/auth.php) ?


Would there be a need for remember me? As long as the client has the token; they have access to the system.

You could extend token's time to live for those type of users, that could work...I think.

Override the token ttl
$token = auth()->setTTL(7200)->attempt($credentials);

Further Reading


Thanks dude, I've another question please, if the token is stocked localy, then yo access protected area I've check the user token for that, if Auth::user() did the job, why we stock the token localy ?


Getting this error,

In Connection.php line 665:

SQLSTATE[HY000] [2002] Connection refused (SQL: create table migrations (id int unsigned not null auto_increment primary key, migration varchar(255) not null, batch int not
null) default character set utf8mb4 collate 'utf8mb4_unicode_ci')

In Connector.php line 70:

SQLSTATE[HY000] [2002] Connection refused

Using Homestead development environment.


This error is due to PHP not being able to connect to MySQL

"Create a .env file, copy all contents in .env.example into the .env file and add your database configurations."


Nice tutorial, very clear and straight to the point. My worry is why the dev-develope branch? The main branch, does it have an issue?


For some reason the dev-develop branch has always worked for new versions of lumen, the next best thing would be version @2.0-dev


Ok thanks. I tried using the default and it keeps failing and when i use dev-develop, it worked well.

Thanks again for the tutorial, nice, easy and straight to the point.

I come again with one question. If i log into different devices, eg 4 different clients and have 4 different tokens, will all 4 be valid simultaneously? If not, what will you suggest to be done to ensure multiple tokens are valid across different devices.


Every Token Generated that is yet to expired is valid; So yes, a user can have multiple tokens across multiple devices.


everything except php artisan jwt::secret is work...
so, i write jwt key in .env by myself..

thank you, nice tutorial...


I am yet to come across this issue. Is there an open issue on github?


I've just reviewed and coded through. It worked wonderfully~~~


Thanks for this article! Very straightforward and easy to understand : )


Thank you, very good tutorial


Hy bro, thanks for the tutorial. I want to know how I implements logout


public function logout () {
return response()->json(['message' => 'Successfully logged out']);


Does the lumen version affect? I use lumen version 6


can you go further this post by making role-based auth in lumen?


What a great tutorial. Thank you very much!


getting this error when doing login request

"Method Illuminate\Auth\RequestGuard::attempt does not exist."

Any help ?


Sorry, my mistake who put config/auth.php that not in root directory

code of conduct - report abuse