{"id":"security-standards","title":"Security Standards","description":"Specifications for securing API communications, authentication, and authorization.","standards":[{"id":"tls-1-2","name":"TLS 1.2 / TLS 1.3","title":"Transport Layer Security","description":"Transport Layer Security protocol for encrypted communications. TLS 1.2 is the minimum version required for all API traffic. TLS 1.3 (RFC 8446) is the latest version with improved security and performance.","url":"https://datatracker.ietf.org/doc/html/rfc8446","usedFor":["Transport encryption","HTTPS","Secure communications"],"requirement":"MUST use TLS 1.2 or higher"},{"id":"oauth-2-0","name":"OAuth 2.0","title":"OAuth 2.0 Authorization Framework","description":"Authorization framework for API access (RFC 6749, RFC 6750). Flows: Authorization Code, Client Credentials, Device Code. Access tokens are presented to the API as Bearer tokens (RFC 6750).","url":"https://datatracker.ietf.org/doc/html/rfc6749","usedFor":["Authorization","Access tokens","Delegated access"],"flows":["Authorization Code","Client Credentials","Device Code","Refresh Token"]},{"id":"openid-connect","name":"OpenID Connect","title":"OpenID Connect (OIDC)","description":"Identity layer on top of OAuth 2.0. Provides user authentication. ID tokens contain user identity claims. Standardizes user info endpoint and token formats.","url":"https://openid.net/connect/","usedFor":["User authentication","Identity","ID tokens"]},{"id":"jwt","name":"JWT","title":"JSON Web Token (RFC 7519)","description":"Compact, URL-safe token format. Structure: header.payload.signature. Used for access tokens and ID tokens. Self-contained tokens with claims; the payload is encoded, not encrypted, and claims are trustworthy only after the signature is verified.","url":"https://datatracker.ietf.org/doc/html/rfc7519","usedFor":["Access tokens","ID tokens","Stateless authentication"],"structure":"header.payload.signature"},{"id":"api-key","name":"API Key Authentication","title":"API Key Authentication","description":"Simple authentication using a secret key. Should be passed in headers, not URL parameters, since URLs are routinely recorded in server and proxy logs.\nHeader: X-API-Key: {key} or Authorization: ApiKey {key}. Less secure than OAuth 2.0, suitable for server-to-server use.","usedFor":["Simple authentication","Server-to-server","Rate limiting"],"headerFormats":["X-API-Key: {key}","Authorization: ApiKey {key}"],"recommendation":"SHOULD be passed in headers, MUST NOT appear in URLs"}],"links":{"self":{"href":"/v1/standards/security-standards"},"parent":{"href":"/v1/standards"}}}