Why do I get 419 error on login made in api.php?

I've been researching for all internet why do I get this error when I try to POST on the login api route:

Status 419 unknown status Version HTTP/1.1 Transferred 6.94 KB (6.46 KB size) Referrer Policy strict-origin-when-cross-origin 

This is what I have on my UserController.php:

 public function userSignUp(Request $request) { $validator = Validator::make($request->all(), [ "name" => "required", "email" => "required|email", "password" => "required", ]); if($validator->fails()) { return response()->json(["status" => "failed", "message" => "validation_error", "errors" => $validator->errors()]); } $userDataArray = array( "name" => $request->name, "email" => $request->email, "password" => md5($request->password), ); $user_status = User::where("email", $request->email)->first(); if(!is_null($user_status)) { return response()->json(["status" => "failed", "success" => false, "message" => "Ooops! Email ya registrado anteriormente"]); } $user = User::create($userDataArray); if(!is_null($user)) { return response()->json(["status" => $this->status_code, "success" => true, "message" => "Registro completado correctamente", "data" => $user]); } else { return response()->json(["status" => "failed", "success" => false, "message" => "Fallo al registrar"]); } } // ------------ [ User Login ] ------------------- public function userLogin(Request $request) { $attr = $request->validate([ 'email' => 'required|string|email|', 'password' => 'required|string|min:6' ]); if (!Auth::attempt($attr)) { return response()->json([ 'message' => 'Invalid login details' ], 401); } $token = auth()->user()->createToken('auth_token')->plainTextToken; $user = auth()->user(); $respon = [ 'status' => 'success', 'msg' => 'Login successfully', 'content' => [ 'status_code' => 200, 'access_token' => $token, 'token_type' => 'Bearer', 'user_name' => $user->name, 'user_email' => $user->email, 'user_id' => $user->id, ] ]; return response()->json($respon, 200); } 

And I have these routes on api.php:

 Route::post("login", [UserController::class, "userLogin"]); Route::post("register", [UserController::class, "userSignUp"]); 

These routes works perfectly on the RESTED add-on on Firefox. This is on api.php, I shouldn't have any problem with csrf token.