Initial Authentication via OPAQUE-3DH
The OPAQUE-3DH protocol is a modern augmented password-authenticated key exchange (aPAKE) protocol that supports bilateral authentication of both the client and the server, as well as providing forward secrecy and the ability to hide the password from the server, even during registration.
Initial Authentication via SRP
Initial authentication via the SRP protocol will be deprecated in a future release. Existing users are advised to migrate to the new OPAQUE-3DH aPAKE protocol.
Authenticating Subsequent Requests
Once this initial authentication process is complete, future requests to secure endpoints will require the use of the authentication token obtained from the server. Do note that the body of the request and response will be encrypted. Read more in Encrypted Requests and Responses.