API Platform makes it easy to deliver all properties of an entity, but what about when you want to limit what properties are accessible to either GET or POST/PUT operations?
It’s surprisingly an easy bit of configuration.
What about dynamically limiting access to properties based on something like the user’s role?
This requires creating a service class, but it is still very approachable.
This article will cover: