API Platform Part 2: Security

This course is in the planning stages

Yep! You ❤️your new API Platform-powered API! It's just missing... well... any type of security! This is a big & important topic, so let's take it head-on in part 2 of our API Platform tutorial:

  • API token security? Or tried-and-true session based login form security?
  • CSRF protection? SameSite Cookies? Ice Cream?
  • What is JWT?
  • Installing & setting up LexikJWTAuthenticationBundle
  • Security firewall setup for JWT / authentication endpoint
  • Authorization & roles: restricting access to your operations!
  • Encoding user's password (during user creation/update)
  • API Platform custom data persister
  • Dynamic serialization groups: showing different fields based on the user
  • Custom normalizer for dynamic fields based on user
  • Custom validator to control what data a user can set

Woh. Let's do this!

Your Guides
Niels van der Molen Ryan Weaver

Questions? Conversation?

  • 2019-06-26 Alberto


  • 2019-06-26 Diego Aguiar

    Hey Alberto

    At the moment we are focused on the "Messenger" tutorial. It may take one month to start releasing this second part of the Api Platform tutorial.
    I'm sorry for any inconveniences it may cause to you but there is just too much to cover up :)


  • 2019-06-25 Alberto

    when starts?

  • 2019-06-21 Jérôme 

    I look forward watching these tutorials!

  • 2019-06-16 Vo Tan Le An

    Can't wait! <3 <3 <3

  • 2019-06-06 mouad err

    Will be a great course, thank you very much

  • 2019-06-06 Fabio Restrepo

    Great!, I would only add advanced topics such as mercure protocol and CQRS. Thanks