FOSUserBundle Integration
Installing the Bundle
The installation procedure of the FOSUserBundle is described in the main Symfony docs
You can:
- Skip step 3 (Create your User class) and use the class provided in the next paragraph to set up serialization groups the correct way
- Skip step 4 (Configure your application's security.yml)
if you are planning to use a JWT-based authentication using
LexikJWTAuthenticationBundle
If you are using the API Platform Standard Edition, you will need to enable the form services in the symfony framework configuration options:
# api/config/packages/framework.yaml
framework:
form: { enabled: true }
Creating a User
Entity with Serialization Groups
Here's an example of declaration of a Doctrine ORM User class.
There's also an example for a Doctrine MongoDB ODM.
You need to use serialization groups to hide some properties like plainPassword
(only in read) and password
. The properties
shown are handled with normalizationContext
, while the properties
you can modify are handled with denormalizationContext
.
Create your User entity with serialization groups:
<?php
// api/src/Entity/User.php
namespace App\Entity;
use ApiPlatform\Metadata\ApiResource;
use Doctrine\ORM\Mapping as ORM;
use FOS\UserBundle\Model\User as BaseUser;
use FOS\UserBundle\Model\UserInterface;
use Symfony\Component\Serializer\Annotation\Groups;
#[ORM\Entity]
#[ORM\Table(name: 'fos_user')]
#[ApiResource(
normalizationContext: ['groups' => ['user']],
denormalizationContext: ['groups' => ['user', 'user:write']],
)]
class User extends BaseUser
{
#[ORM\Id, ORM\Column, ORM\GeneratedValue]
protected ?int $id = null;
#[Groups("user")]
protected string $email;
#[ORM\Column(nullable: true)]
#[Groups("user")]
protected string $fullname;
#[Groups("user:write")]
protected string $plainPassword;
#[Groups("user")]
protected string $username;
public function setFullname(?string $fullname): void
{
$this->fullname = $fullname;
}
public function getFullname(): ?string
{
return $this->fullname;
}
public function isUser(?UserInterface $user = null): bool
{
return $user instanceof self && $user->id === $this->id;
}
}
What' new?

Sep 15,16 2022: new edition of our conference dedicated to API Platform and its ecosystem!
The Distribution: Create Powerful APIs with Ease
Core
- General Design Considerations
- GraphQL Support
- Enabling GraphQL
- Changing Location of the GraphQL Endpoint
- GraphiQL
- GraphQL Playground
- Modifying or Disabling the Default IDE
- Request with application/graphql Content-Type
- Operations
- Queries
- Mutations
- Subscriptions
- Workflow of the Resolvers
- Events
- Filters
- Pagination
- Security
- Serialization Groups
- Exception and Error
- Name Conversion
- Custom Types
- Modify the Extracted Types
- Changing the Serialization Context Dynamically
- Export the Schema in SDL
- Handling File Upload
- Change Default Descriptions
- State Providers
- Filters
- Doctrine ORM and MongoDB ODM Filters
- Elasticsearch Filters
- Serializer Filters
- Creating Custom Filters
- ApiFilter Attribute
- The Serialization Process
- Overall Process
- Available Serializers
- The Serialization Context, Groups and Relations
- Using Serialization Groups
- Using Serialization Groups per Operation
- Embedding Relations
- Property Normalization Context
- Calculated Field
- Changing the Serialization Context Dynamically
- Changing the Serialization Context on a Per-item Basis
- Name Conversion
- Decorating a Serializer and Adding Extra Data
- Entity Identifier Case
- Embedding the JSON-LD Context
- Collection Relation
- Validation
- Validating Submitted Data
- Using Validation Groups
- Using Validation Groups on Operations
- Dynamic Validation Groups
- Sequential Validation Groups
- Validating Delete Operations
- Error Levels and Payload Serialization
- Validation on Collection Relations
- Open Vocabulary Generated from Validation Metadata
- Specification Property Restrictions
- Collecting Denormalization Errors
- Overriding Default Order
- OpenAPI Specification Support (formerly Swagger)
- Using the OpenAPI Command
- Overriding the OpenAPI Specification
- Using the OpenAPI and Swagger Contexts
- Disabling an Operation From OpenAPI Documentation
- Changing the Name of a Definition
- Changing Operations in the OpenAPI Documentation
- Disabling Swagger UI or ReDoc
- Changing the Location of Swagger UI
- Using a custom Asset Package in Swagger UI
- Overriding the UI Template
- Compatibility Layer with Amazon API Gateway
- OAuth
- Info Object
- Pushing Related Resources Using HTTP/2
- Using External Vocabularies
- URL Generation Strategy
- NelmioApiDocBundle Integration
- Bootstraping the core library
Schema Generator
- Configuration
- Customizing PHP Namespaces
- Forcing a Field Type (Range)
- Forcing a Field Cardinality
- Changing the Default Cardinality
- Adding a Custom Attribute or Modifying a Generated Attribute
- Forcing (or Enabling) a Class Parent
- Forcing a Class to be Abstract
- Define API Platform Operations
- Forcing a Nullable Property
- Forcing a Unique Property
- Making a Property Read-Only
- Making a Property Write-Only
- Forcing an Embeddable Class to be Embedded
- Skipping Accessor Method Generation
- Using Fluent Mutator Methods
- Disabling the id Generator
- Generating UUIDs
- User-submitted UUIDs
- Generating Custom IDs
- Disabling Usage of Doctrine Collections
- Changing the Field Visibility
- Generating Assert\Type Attributes
- Forcing Doctrine Inheritance Mapping Attribute
- Interfaces and Doctrine Resolve Target Entity Listener
- Custom Schemas
- All Types, Resolve Types and Exclude
- Checking GoodRelation Compatibility
- Author PHPDoc
- PHP File Header
- Disabling Generators and Creating Custom Ones
- Full Configuration Reference