Unlike Laravel gate and policy, we can authorize users for a specific task using Laravel pennant. Laravel 10 releases this new feature in their latest release. So from the laravel 10 version, we can use this Laravel pennant feature.

We can define laravel pennant using Feature facades. pennant is a composer package. So there is the command to install it in the Laravel application. In this tutorial, I will show you how to define laravel pennant and how to use them in laravel applications to authorize user action.

You want to private some data and you need to verify the user before accessing it. In this case, the Laravel pennant is there. So let's see how to use Laravel pennant.


Step 1: Install Laravel

Install a fresh laravel 10 application by the below command:

composer create-project laravel/laravel example-app


Step 2: Connect Database

After successfully installing the laravel app and then configuring the database setup. We will open the ".env" file and change the database name, username, and password in the env file to create how to how define laravel pennant and what is this pennant.




Step 3: Install Laravel pennant

Now run the below command to install laravel pennant package.

composer require laravel/pennant


Now you have to run this migration by following the command:

php artisan migrate


Now we are going to create a system that, only the editor can access our data. So we will create a method that will verify whether a user is an editor or not. So update the user model like below;



namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable
    use HasApiTokens, HasFactory, Notifiable;

    public function isEditor()
        return $this->id == 1;


Step 4: Defining Laravel Pennant

Now in this step, we will define our pennant like that:



namespace App\Providers;

use App\Models\User;
use Laravel\Pennant\Feature;
use Illuminate\Support\ServiceProvider;

class AppServiceProvider extends ServiceProvider
     * Register any application services.
    public function register(): void

     * Bootstrap any application services.
    public function boot(): void
        Feature::define('test-todo', function (User $user) {
            return $user->isEditor();


Step 5: Create Auth

Now in this step, we will create a one-time authorization system in Laravel to check whether a logged-in user has the ability to check this data using Laravel pennant.



use Illuminate\Support\Facades\Route;

| Web Routes
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "web" middleware group. Make something great!


Route::get('/', function () {
    return view('welcome');


Step 6: Check Laravel Pennant

Now all are ok, now we will check our Laravel pennant feature like:


<!DOCTYPE html>
<html lang="{{ str_replace('_', '-', app()->getLocale()) }}">
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
    <body class="antialiased">
        <h1>Welcome, we are learning Laravel pennant</h1>


Read also: Laravel 10 Algolia Full Text Search Tutorial



Look at what, I have shared about the concept of what is Laravel pennant. Now we know how to install Laravel pennant and how to use them in Laravel application. Hope this laravel pennant tutorial will help you.