Symfony Security component is amongst the hardest to understand for newcomers, due to the huge numbers of new concepts. As a consequence, it is often not used or misused. This workshop will go through typical scenarios you may encounter, as adding an authentication to an API, how to set up authorization easily, or how to handle fine-grained access control. For each, we will see which tools you can use, what are the best practises and what different projects taught me. Let's see how we can do more with less custom code!