Securing by Verb (GET, POST, PUT, etc)

In the last video we looked at how we could use HTTP Basic authentication to secure our entire API generally.

In this video we will look at how we can use Symfony's Security Component and HTTP Basic to secure specific parts of our API routing setup.

You may wish to allow all users to have Read (GET) access to your API, but be more restrictive about who can write (POST, PUT, PATCH, etc) and DELETE.

By the end of this video you will have gained an understanding of how you can use Symfony's Firewalls to restrict access to individual routes up to your entire routing setup by simply matching regex patterns and providing a list of allowable Methods.