Questions & Answers

Laravel Sanctum Angular Authentication 419 error code

I'm trying to setup an authentication system using Laravel Sanctum and Fortify for the back-end and Angular for the front-end.

The front-end is running on localhost:4200
the back-end is running on: localhost:8000

I followed this tutorial for the common mistakes and set the .env file accordingly so it looks like this:


and so is my cors.php configuration:


return [


    'paths' => ['*'],

    'allowed_methods' => ['*'],

    'allowed_origins' => [env('FRONTEND_URL', 'http://localhost:4200')],

    'allowed_origins_patterns' => [],

    'allowed_headers' => ['*'],

    'exposed_headers' => [],

    'max_age' => 0,

    'supports_credentials' => true,


For logging in my users I'm using this angular service function:

options = {
    headers: new HttpHeaders({
      Accept: 'application/json',
    withCredentials: true,

login(email: string, password: string): Observable<any> {
    return this.http
      .get(this.baseUrl + '/sanctum/csrf-cookie', this.options)
        switchMap(() =>

            this.baseUrl + '/login',
            { email, password },

the problem is that when I try to login I get back a 419 erro code saying that the CSRF token mismatches.

taking a look at the cookies inside the browser's console the list is empty so no cookies are passed even if the request to /csrf-cookie is successfull

What am I doing wrong her? is it the angular service or my back-end config?

Answers(1) :

I finally solved the problem after asking on every possible source, let's talk about it:

Looks like that specifically on MacOS, if you try to send a request from localhost:4200 Origin and Refero headers will not match the Host header for some reason

i solved this changing every localhost occurrence in my Laravel .env and config files and then going to inside the browser instead of localhost:4200

it's a bit weird to explain but it makes requests come to the same source even if the localhost keyword should mean IP by default

hope this will help someone