Cookie
SecurityDefinition
An HTTP cookie is a small piece of data stored by the browser and automatically sent with requests to the same domain. Cookies are used for session management, user preferences, and tracking. Cookie attributes (HttpOnly, Secure, SameSite) control security behavior.
Related Tools
Frequently Asked Questions
Related Terms
JWT
JSON Web Token (JWT) is an open standard (RFC 7519) for securely transmitting information between parties as a JSON object. JWTs are self-contained tokens composed of three Base64URL-encoded parts: header, payload, and signature. Widely used for authentication and API authorization.
OAuth
OAuth 2.0 is an authorization framework that allows applications to obtain limited access to user accounts on HTTP services. OAuth enables "Login with Google/GitHub" flows where a third-party app is granted access to specific user data without receiving the user's password.
API Key
An API key is a unique identifier string passed in requests to authenticate an application or user accessing an API. API keys are simpler than OAuth but provide less security — they are long-lived, not scoped per-user, and must be kept secret.
SSL/TLS
SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols that provide encrypted communication over the internet. TLS is used in HTTPS, email (SMTP/IMAP), VPNs, and any application requiring secure data transmission. SSL is deprecated; TLS 1.3 is current.