Symfony FOS OAuth Server Tutorial

There is a widely held misconception that OAuth2 is the 'right way' to be doing mobile app security. I'm not saying that OAuth2 is not a great way to achieve this, but it is not 'right' for every situation.

If your security requirements are fairly basic, then OAuth2 is overkill. If you can confidently say that having your data compromised would not lead to anything more than mild embarrassment, then stick with HTTP Basic or similar, which are easier to implement.

If you're interested in knowing who is using your API, and using an API key for authentication may be just what you need.

However, if you do have stricter security needs then OAuth2 may very well be the right tool for the job.

If you have spent even a small amount of time looking into OAuth2 then you will likely have encountered all manner of fun terminology - Client Credentials, Resource Owners, Grant types, and maybe even spent a little time with RFC 6749.

Ultimately, OAuth in a Symfony2 application is made much easier thanks to the FOS OAuth Server Bundle. Throughout this tutorial series you will learn how to set up and use FOS OAuth Server Bundle combined with FOS User Bundle, and FOS REST Bundle.


Code For This Course

Get the code for this course.

Presented By

Christopher Moss

Christopher Moss

Hi, I'm Chris and welcome to In this video you will learn about... :)