I have an API with Oauth2 authentication developed with Symfony framework. I use the security mechanism provided by Symfony and my security.yml is as follows :
As you can see, a new user is registered by the POST request /users. But my problem is that another POST request with URL like /users/xxxx matches the rule too. Is it possible to reject URLs with the same root ? Thanks for help.