security: providers: user_db: entity: { class: App\Entity\User, property: username } firewalls: login: pattern: ^/api/auth/login stateless: true anonymous: true form_login: check_path: /api/auth/login success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure require_previous_session: false api: pattern: ^/api stateless: true guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false main: anonymous: true form_login: login_path: login check_path: login access_control: - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/api, roles: IS_AUTHENTICATED_FULLY } encoders: App\Entity\User: bcrypt