RFC (Request for Comments)
- RFC 2616 - Hypertext Transfer Protocol – HTTP/1.1
- RFC 3986 - Uniform Resource Identifier (URI): Generic Syntax
- RFC 6455 - The WebSocket Protocol
- RFC 6749 - The OAuth 2.0 Authorization Framework
- RFC 7009 - OAuth 2.0 Token Revocation
- RFC 7515 - JSON Web Signature
- RFC 7516 - JSON Web Encryption
- RFC 7517 - JSON Web Key
- RFC 7518 - JSON Web Algorithms
- RFC 7519 - JSON Web Token
- RFC 7521 - Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants
- RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants
- RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
- RFC 7662 - Token Introspection
Model
- RBAC - Role-based access control, a security control mechanism
Style
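Design styles. You do not strictly have to follow them, but following them makes everyone happy.
- REST - a system built in the REST style is called RESTful
- PSR - see PHP Coding Style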
Versioning
- semantic versioning - rules for assigning version numbers