This document discusses techniques for building a secure API, including OAuth, OpenID Connect, SCIM, JSON Web Tokens, and other standards. It gives an overview of key concepts such as the OAuth authorization framework and its roles: clients, authorization servers, and resource servers. Identity management is central, and protocols like SCIM and SAML can be used to provision and manage user accounts. The document also summarizes standards such as JWT and shows how OAuth, OpenID Connect, and SCIM can be combined to securely access APIs and manage user identities.