How laravel verifies X-CSRF-TOKEN when doing api Interfaces

Laravel is developing an api interface for external service requests; In laravel ajax requests, the X-CSRF-TOKEN needs to be verified {code ...} and this X-CSRF-TOKEN is laravel's own generation; while the external site or app in the request is not laravel generated _... laravel is developing APIs for external service requests;

Verification is required in laravel's ajax requestX-CSRF-TOKEN

$.ajax({                    type: 'POST',                    url: _crtA,                    data: { card : $("input[name='card']").val()},                    dataType: 'json',                    headers: {                        'X-CSRF-TOKEN': _Token                    },                    success: function(data){                                                                        layer.open({                                content: data.msg,                                time: 2                    },                    error: function(xhr, type){                        layer.closeAll();                        alert('500 error!')                    }                });

And thisX-CSRF-TOKENIs generated by laravel itself;

The external website or app does not generate laravel during request._tokenOf

How can laravel develop the corresponding request interface?

Reply content:

Laravel is developing APIs for external service requests;

Verification is required in laravel's ajax requestX-CSRF-TOKEN

$.ajax({                    type: 'POST',                    url: _crtA,                    data: { card : $("input[name='card']").val()},                    dataType: 'json',                    headers: {                        'X-CSRF-TOKEN': _Token                    },                    success: function(data){                                                                        layer.open({                                content: data.msg,                                time: 2                    },                    error: function(xhr, type){                        layer.closeAll();                        alert('500 error!')                    }                });

And thisX-CSRF-TOKENIs generated by laravel itself;

The external website or app does not generate laravel during request._tokenOf

How can laravel develop the corresponding request interface?

Since the interface for the external site itself is Cross-site, how can we verify CSRF (Cross-site request forgery. Disable method, set CSRF to route-specific middleware, or something else. laravel has not been used for a long time. There should be a way to look at the document.

If you want to disable CSRF-protection on some methods, you cocould use limit T or only.

$this->beforeFilter('csrf', array('on' => 'post',                                  'except'=>array('methodName', 'anotherMethod')                                  ));

I agree with the saying above. Why do you need to perform cross-site verification on the api interface?
The so-called csrf is a cross-site request, and the api is a cross-site request. Do you want to disable it? Is there a conflict?