Try to authenticate with access-token

I’m creating an app to communicate with my iOS app, in the api controller I have this:

public function behaviors() {

        return ArrayHelper::merge(parent::behaviors(), [

            'authenticator' => [

                'class' => QueryParamAuth::className(),

                //'only' => ['subscrever', 'noticias', 'noticia', 'categorias'],

                'only' => ['subscrever'],


            'contentNegotiator' => [

                'formats' => [

                    'application/json' => Response::FORMAT_JSON,





Only action "subscrever" will really need to authenticate with the access-token provided, but I want to authenticate the user if he provides the an access-token.

At the the app only authenticate is the action is in only array, I want to try to authenticate every time the access-token is provided.

What is the best solution for this?

If you are make some action during access-token verifying, you can try to add an event handler after action to make your custom code in case of access-token is passed.

I don’t understand exactly your solution. But I used the beforeAction function and check if the action requested is one that doesn’t require authentication, if the access-token is provided it do the authentication process.

But I think that it was very useful that the "authenticator" always try to authenticate if the access-token is provided