Build RESTful APIs with Laravel using API Resources, Sanctum authentication, rate limiting, and versioning. Use when creating API endpoints, transforming responses, or handling API authentication.
name: laravel-api
description: Build RESTful APIs with Laravel using API Resources, Sanctum authentication, rate limiting, and versioning. Use when creating API endpoints, transforming responses, or handling API authentication.
versions:
laravel: "12.46"
php: "8.5"
user-invocable: true
references: references/routing.md, references/controllers.md, references/middleware.md, references/requests.md, references/responses.md, references/validation.md, references/pagination.md, references/http-client.md, references/rate-limiting.md, references/redirects.md, references/urls.md, references/strings.md
related-skills: laravel-auth, laravel-eloquent, laravel-testing
Laravel API Development
Agent Workflow (MANDATORY)
Before ANY implementation, launch in parallel:
fuse-ai-pilot:explore-codebase - Analyze existing API patterns
fuse-ai-pilot:research-expert - Verify Laravel API docs via Context7
mcp__context7__query-docs - Check API Resources and Sanctum patterns
After implementation, run fuse-ai-pilot:sniper for validation.
Overview
Build RESTful APIs with Laravel using API Resources for response transformation and Sanctum for authentication.
Component
Purpose
Controllers
Handle requests, delegate to services
Form Requests
Validate input, authorize actions
API Resources
Transform models to JSON
Middleware
Auth, rate limiting, CORS
Routes
Versioned endpoints with groups
Pagination
Offset/cursor pagination
HTTP Client
Consume external APIs
Critical Rules
Always use API Resources - Never return Eloquent models directly
Versioned routes - Prefix with /v1/, /v2/
Validate all input - Use Form Requests, not inline validation
Rate limiting - Configure per-route limits
Consistent responses - Same structure, proper status codes
Use services - Keep controllers thin
Eager load - Prevent N+1 with with() before pagination