Priva offers two API’s (Application Programming Interface) that enable users to access and change controller data
across the internet. This is carried out by the applications using the standard program HTTP API call with a JSON
payload. Further details can be found at

Priva API’s are protected by Priva’s OpenID Connect and OAuth 2 compliant Identity & Access Management services.
This means that every API call that is made, will have a JSON Web Token as Bearer in the Authorization header of the
HTTP request. The token control is in the power of the end user, via registry of the applications in Priva ’s Access
Control App. This app is only available to users via their account.