Securing by Verb (GET, POST, PUT, etc)

In the last video we looked at how we could use HTTP Basic authentication to secure our entire API generally.

In this video we will look at how we can use Symfony's Security Component and HTTP Basic to secure specific parts of our API routing setup.

You may wish to allow all users to have Read (GET) access to your API, but be more restrictive about who can write (POST, PUT, PATCH, etc) and DELETE.

By the end of this video you will have gained an understanding of how you can use Symfony's Firewalls to restrict access to individual routes up to your entire routing setup by simply matching regex patterns and providing a list of allowable Methods.

Code For This Course

Get the code for this course.

Code For This Video

Get the code for this video.


# Title Duration
1 Security That Covers Your Entire API 04:28
2 Securing by Verb (GET, POST, PUT, etc) 02:42
3 Restricting Symfony Routes Based On A User's Role 05:26