PHPackages xcoorp/laravel-passport-introspection - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. xcoorp/laravel-passport-introspection ActiveLibrary[Authentication & Authorization](/categories/authentication) xcoorp/laravel-passport-introspection ===================================== Package to add an introspection endpoint to Laravel Passport v2.0.1(1mo ago)42.5k↓33.3%[1 PRs](https://github.com/xcoorp/laravel-passport-introspection/pulls)MITPHPPHP ^8.3 || ^8.4 || ^8.5CI passing Since Jun 25Pushed 1mo ago1 watchersCompare [ Source](https://github.com/xcoorp/laravel-passport-introspection)[ Packagist](https://packagist.org/packages/xcoorp/laravel-passport-introspection)[ Docs](https://github.com/xcoorp/laravel-passport-introspection)[ RSS](/packages/xcoorp-laravel-passport-introspection/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (5)Dependencies (10)Versions (16)Used By (0) [![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE)[![Laravel Version Requirements](https://camo.githubusercontent.com/73c83946578ddecab24143fda06e6c6ffeaa1ec9bb2e209776e011ff4e0ef460/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c61726176656c2d7e31312e302d677261793f6c6f676f3d6c61726176656c267374796c653d666c61742d737175617265266c6162656c436f6c6f723d463035333430266c6f676f436f6c6f723d7768697465)](composer.json) Introduction ------------ [](#introduction) Laravel Passport Introspection is a Laravel Passport addition that provides an introspection endpoint for your Laravel application. This is useful if you want to introspect tokens in your application, e.g. to check if a token is still valid or to get information about the token. You will typically need this if you set up a separate resource server that is meant to authenticate against an Authentication Server running Laravel Passport. To setup a resource server, you can check out the [Passport Control Package.](https://github.com/xcoorp/laravel-passport-control) Table of Contents ----------------- [](#table-of-contents) - [Installation](#installation) - [Usage](#usage) - [Testing](#testing) - [Code of Conduct](#code-of-conduct) - [License](#license) Installation ------------ [](#installation) Important This package assumes you have already installed and configured Laravel Passport in your Laravel application. You can simply install the package via composer: ``` composer require xcoorp/laravel-passport-introspection ``` After the installation you need to add the `introspect` scope to the configured passport `scopes`. If you haven't already defined scopes or do not know how to do this, please refer to the [official Laravel Passport documentation](https://laravel.com/docs/11.x/passport#defining-scopes). ``` use Laravel\Passport\Passport; Passport::tokensCan([ 'introspect' => 'Introspect tokens', ]); ``` Usage ----- [](#usage) Once you have installed the package, a new Route will be available at `/oauth/introspect` that you can use to introspect tokens. Please note that the introspection endpoint is not meant to be publicly accessible since it can leak sensitive information about your tokens. Therefore, this package makes use of the client credentials grant to authenticate the request. More information on what this is and how to create a client credentials grant client can be found in the [official Laravel Passport documentation](https://laravel.com/docs/11.x/passport#client-credentials-grant-tokens). Once you have created a client credentials grant client, and received an access token for it, you can use the token to authenticate against the introspection endpoint via Bearer Authentication. The endpoint expects a `POST` request with the following inside the request body (application/x-www-form-urlencoded): ParameterValuetokenThe token you want to introspect.token\_type\_hint (optional)The type of token you want to introspect. This can be either `access_token` or `refresh_token`. If you do not provide this parameter, the endpoint will try to introspect the token as an access token.The endpoint will return a JSON response with the following parameters: KeyValueactiveA boolean indicating whether the token is active or notscopeA JSON string containing a space-separated list of scopes associated with this tokenclient\_idThe client id of the client that requested this token.usernameThe unique identifier of the user that requested this tokenexpInteger timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token will expireIf you want to customize the Route or the Controller that handles the introspection request, you can disable route publishing of this package and create your own route and controller. You can do this by adding the following line to the `boot` method of your `AppServiceProvider`: ``` public function boot() { PassportIntrospection::ignoreRoutes(); } ``` Testing ------- [](#testing) Functionality of this package is tested with [Pest PHP](https://pestphp.com/). You can run the tests with: ``` composer test ``` Code of Conduct --------------- [](#code-of-conduct) In order to ensure that the community is welcoming to all, please review and abide by the [Code of Conduct](CODE_OF_CONDUCT.md). Security Vulnerabilities ------------------------ [](#security-vulnerabilities) Please review the [security policy](SECURITY.md) on how to report security vulnerabilities. License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE) for more information. ### Health Score 50 — FairBetter than 96% of packages Maintenance89 Actively maintained with recent releases Popularity24 Limited adoption so far Community9 Small or concentrated contributor base Maturity65 Established project with proven stability Bus Factor1 Top contributor holds 60.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~63 days Recently: every ~78 days Total 11 Last Release 55d ago Major Versions v1.0.2 → v2.0.0-alpha2025-02-24 PHP version history (3 changes)v1.0.0PHP ^8.3 v2.0.0-alpha.2PHP ^8.3 || ^8.4 v2.0.1PHP ^8.3 || ^8.4 || ^8.5 ### Community Maintainers ![](https://www.gravatar.com/avatar/d6703727b3960b7f58325c28bc4b209acd71c4499d383759fc8397db50691a17?d=identicon)[toitzi](/maintainers/toitzi) --- Top Contributors [![toitzi](https://avatars.githubusercontent.com/u/42447585?v=4)](https://github.com/toitzi "toitzi (14 commits)")[![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4)](https://github.com/github-actions[bot] "github-actions[bot] (9 commits)") --- Tags introspectionlaraveloauthpassportlaraveloauthpassportintrospection ### Code Quality Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/xcoorp-laravel-passport-introspection/health.svg) ``` [![Health](https://phpackages.com/badges/xcoorp-laravel-passport-introspection/health.svg)](https://phpackages.com/packages/xcoorp-laravel-passport-introspection) ``` ### Alternatives [codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp)[corbosman/laravel-passport-claims Add claims to Laravel Passport JWT Tokens 88655.9k](/packages/corbosman-laravel-passport-claims)[jeremy379/laravel-openid-connect OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport. 55342.3k2](/packages/jeremy379-laravel-openid-connect)[danjdewhurst/laravel-passport-facebook-login Facebook Token Request Grant for Laravel Passport 2824.4k](/packages/danjdewhurst-laravel-passport-facebook-login)[mikemclin/passport-custom-request-grant Custom Request Grant for Laravel Passport 343.6k](/packages/mikemclin-passport-custom-request-grant) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)