Postman started out as an API development tool, but has developed more into, as they put it, an “API Development Environment”.

An over-simplified description is it allows you to create and save requests to test your API. You can then save your requests as a collection and share or publish them for others to use.

API Platform makes it easy to deliver all properties of an entity, but what about when you want to limit what properties are accessible to either GET or POST/PUT operations?

It’s surprisingly an easy bit of configuration.

What about dynamically limiting access to properties based on something like the user’s role?

This requires creating a service class, but it is still very approachable.

This article will cover:

API Platform is a Symfony based framework for API-driven projects.

With a minimal amount of configuration after installation, you can have a fully functional REST server with an OpenAPI based Swagger front-end for exploring the API.