Symfony2 authentication via 3rd Party REST API

you have to implement a custom authentication provider as described in:http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html

I can't tell you what the best way is but just to help you get started:You create a listener, a token, a provider and a factory.

The attemptAuthentication method of the listener takes the credentials provided by the user and creates a new Token with that input. At the end of the method you'll add a:return $this->authenticationManager->authenticate($token);

Your provider will use this token in the authenticate method to send the API request.

For non-existing users you have two options:- create a user in the authenticate method after the API call and after you check whether it already exists which I believe is NOT they way to go- create your own authentication failure handler which is like https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php but at the top of the onAuthenticationFailure method you add if ($exception instanceof UsernameNotFoundException && (null !== $token = $exception->getToken()) && $token instanceof YourWordnikToken) { // create that user here}

That's just the basic idea how it works...I'm on IRC with the nickname hacfi - let me know if you need further guidance