[Security] Add form_only option

Author: mdoutreluingne

reference/configuration/security.rst

@@ -352,6 +352,21 @@ failure_path
 This is the route or path that the user is redirected to after a failed login attempt.
 It can be a relative/absolute URL or a Symfony route name.
 
+form_only
+............
+
+**type**: ``boolean`` **default**: ``false``
+
+By setting this option to ``true``, there will be a check the content type, which will prevent the
+:class:`Symfony\\Component\\Security\\Http\Authenticator\\FormLoginAuthenticator` from responding to requests
+that should be handled by :class:`Symfony\\Component\\Security\\Http\Authenticator\\JsonLoginAuthenticator` (i.e. the
+method :method:`FormLoginAuthenticator::supports <Symfony\\Component\\Security\\Http\Authenticator\\FormLoginAuthenticator::supports>`
+will return ``false`` if the content type is ``application/json`` and ``true`` for form data).
+
+.. versionadded:: 5.4
+
+    The ``form_only`` option was introduced in Symfony 5.4.
+
 use_forward
 ...........