How can I test breeze API with postman?

Question

So before I test things in my SPA I always tried to play around with it in postman. Here I'm trying to register a user with Breeze API but before that I tried to get the required CSRF-TOKEN by making a request to sanctum/csrf-cookie then I tried to register a user to register route and I get this error

{
"message": "CSRF token mismatch.",
"exception": "Symfony\\Component\\HttpKernel\\Exception\\HttpException",
"file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Exceptions\\Handler.php",
"line": 380,
"trace": [
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Exceptions\\Handler.php",
        "line": 354,
        "function": "prepareException",
        "class": "Illuminate\\Foundation\\Exceptions\\Handler",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php",
        "line": 51,
        "function": "render",
        "class": "Illuminate\\Foundation\\Exceptions\\Handler",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 185,
        "function": "handleException",
        "class": "Illuminate\\Routing\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\View\\Middleware\\ShareErrorsFromSession.php",
        "line": 49,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\View\\Middleware\\ShareErrorsFromSession",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Session\\Middleware\\StartSession.php",
        "line": 121,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Session\\Middleware\\StartSession.php",
        "line": 64,
        "function": "handleStatefulRequest",
        "class": "Illuminate\\Session\\Middleware\\StartSession",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Session\\Middleware\\StartSession",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse.php",
        "line": 37,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Cookie\\Middleware\\EncryptCookies.php",
        "line": 67,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Cookie\\Middleware\\EncryptCookies",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 116,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php",
        "line": 726,
        "function": "then",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php",
        "line": 703,
        "function": "runRouteWithinStack",
        "class": "Illuminate\\Routing\\Router",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php",
        "line": 667,
        "function": "runRoute",
        "class": "Illuminate\\Routing\\Router",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php",
        "line": 656,
        "function": "dispatchToRoute",
        "class": "Illuminate\\Routing\\Router",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php",
        "line": 167,
        "function": "dispatch",
        "class": "Illuminate\\Routing\\Router",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 141,
        "function": "Illuminate\\Foundation\\Http\\{closure}",
        "class": "Illuminate\\Foundation\\Http\\Kernel",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php",
        "line": 21,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ConvertEmptyStringsToNull.php",
        "line": 31,
        "function": "handle",
        "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Foundation\\Http\\Middleware\\ConvertEmptyStringsToNull",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php",
        "line": 21,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TrimStrings.php",
        "line": 40,
        "function": "handle",
        "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Foundation\\Http\\Middleware\\TrimStrings",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize.php",
        "line": 27,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance.php",
        "line": 86,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Http\\Middleware\\HandleCors.php",
        "line": 62,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Http\\Middleware\\HandleCors",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Http\\Middleware\\TrustProxies.php",
        "line": 39,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 180,
        "function": "handle",
        "class": "Illuminate\\Http\\Middleware\\TrustProxies",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php",
        "line": 116,
        "function": "Illuminate\\Pipeline\\{closure}",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php",
        "line": 142,
        "function": "then",
        "class": "Illuminate\\Pipeline\\Pipeline",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php",
        "line": 111,
        "function": "sendRequestThroughRouter",
        "class": "Illuminate\\Foundation\\Http\\Kernel",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\public\\index.php",
        "line": 52,
        "function": "handle",
        "class": "Illuminate\\Foundation\\Http\\Kernel",
        "type": "->"
    },
    {
        "file": "C:\\coding\\laravel\\breezeapi\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\resources\\server.php",
        "line": 16,
        "function": "require_once"
    }
]

}

Can someone explain to me what I did wrong here ?

Check this topic: https://laracasts.com/discuss/channels/laravel/breeze-authenticationtest-fails-login-with-csrf-token-mismatch — JS_LnMstr, Jul 28 '22 at 10:20

score 0 · Answer 1 · answered Oct 30 '22 at 14:49

After you get the xsrf-token from the /sanctum/csrf-cookie API, store it in a Postman environment variable:

pm.environment.set("xsrf-token", pm.cookies.get('XSRF-TOKEN'));

Then, pass the stored {{xsrf-token}} value via a header key X-XSRF-TOKEN when post to the login API.

score 0 · Answer 2 · edited May 25 '23 at 08:17

add route register app\Http\Middleware\VerifyCsrfToken.php array $except

<?php

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

class VerifyCsrfToken extends Middleware
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array<int, string>
     */
    protected $except = [
        //here
        '/login',
        '/api/*',
    ];
}

How can I test breeze API with postman?

2 Answers2