mariselli/routing.yml

## routing.yml
acme_api:
    type: rest
    prefix: /
    resource: "@AcmeBundle/Resources/config/routing_api.yml"

## routing_api.yml
# REST API - OAUTH Access
acme_api_users:
    resource: AcmeBundle\Controller\UsersController
    type:     rest
    defaults: {_format: json}
    prefix:   /api
    name_prefix:  api_

# REST API - Frontend Client Access
acme_webapi_users:
    resource: AcmeBundle\Controller\UsersController
    type:     rest
    defaults: {_format: json}
    prefix:   /web-api
    name_prefix:  webapi_

## security.yml
firewalls:
    api:
        pattern:    ^/api
        fos_oauth:  true
        stateless:  true

    oauth_token:
        pattern:    ^/oauth/v2/token
        security:   false

    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            login_path: /login
            check_path: /login_check
        logout:       true
        anonymous:    true

access_control:
    - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
    - { path: ^/web-api, roles: [ IS_AUTHENTICATED_FULLY ] }
	acme_api:
	type: rest
	prefix: /
	resource: "@AcmeBundle/Resources/config/routing_api.yml"
	# REST API - OAUTH Access
	acme_api_users:
	resource: AcmeBundle\Controller\UsersController
	type: rest
	defaults: {_format: json}
	prefix: /api
	name_prefix: api_

	# REST API - Frontend Client Access
	acme_webapi_users:
	resource: AcmeBundle\Controller\UsersController
	type: rest
	defaults: {_format: json}
	prefix: /web-api
	name_prefix: webapi_
	firewalls:
	api:
	pattern: ^/api
	fos_oauth: true
	stateless: true

	oauth_token:
	pattern: ^/oauth/v2/token
	security: false

	main:
	pattern: ^/
	form_login:
	provider: fos_userbundle
	csrf_provider: form.csrf_provider
	login_path: /login
	check_path: /login_check
	logout: true
	anonymous: true

	access_control:
	- { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
	- { path: ^/web-api, roles: [ IS_AUTHENTICATED_FULLY ] }