---
title: Security
description: The Orchestration SDKs are built from the ground up to use best practices for securing token material and data.
component: orchsdks
page_id: orchsdks::security/index
canonical_url: https://developer.pingidentity.com/orchsdks/security/index.html
revdate: Wed, 17 May 2023 14:10:20 +0100
keywords: ["PingOne Advanced Identity Cloud", "PingAM", "Journeys", "Setup & Configuration", "Source Code", "Security", "SDK"]
---

# Security

The Orchestration SDKs are built from the ground up to use best practices for securing token material and data.

Security is a very broad subject, and every environment is different. Readers are expected to do their own research and complement the information found in these topics.

[icon: file-certificate, set=fadr, size=3x]

#### [Tokens and keys](security-tokens.html)

Learn how the Orchestration SDKs secure your session and OAuth 2.0-related tokens, and the encryption used.

[icon: user-shield, set=fadr, size=3x]

#### [Authentication](security-authn.html)

Discover the protocols the Orchestration SDKs use when your app authenticates your users.

[icon: binary-lock, set=fadr, size=3x]

#### [Data](security-data.html)

What data do the Orchestration SDKs use, and what security measures help to protect it.

[icon: swap, set=fadr, size=3x]

#### [OAuth 2.0](oauth2-pkce.html)

See how the Orchestration SDKs use Proof Key for Code Exchange (PKCE) to mitigate the risks of an OAuth 2.0 attack.