security: encoders: App\Entity\User: algorithm: argon2i # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers providers: users_in_memory: { memory: null } firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false api: pattern: ^/api/ guard: authenticators: - App\Security\TokenAuthenticator stateless: true anonymous: true lazy: true logout: ~ std: pattern: ^/main/ guard: authenticators: - App\Security\UrlAuthenticator stateless: true anonymous: true lazy: true logout: ~ main: stateless: true anonymous: true lazy: true provider: users_in_memory # activate different ways to authenticate # https://symfony.com/doc/current/security.html#firewalls-authentication # https://symfony.com/doc/current/security/impersonating_user.html # switch_user: true # Easy way to control access for large sections of your site # Note: Only the *first* access control that matches will be used access_control: # - { path: ^/admin, roles: ROLE_ADMIN } # - { path: ^/profile, roles: ROLE_USER }