<!--
{
  "availability" : [
    "iOS: 5.0 -",
    "iPadOS: 5.0 -",
    "macCatalyst: 13.0 -",
    "macOS: 10.14 -",
    "visionOS: 1.0 -"
  ],
  "documentType" : "symbol",
  "framework" : "GSS",
  "identifier" : "/documentation/GSS",
  "metadataVersion" : "0.1.0",
  "role" : "Framework",
  "symbol" : {
    "kind" : "Framework",
    "modules" : [
      "GSS"
    ],
    "preciseIdentifier" : "GSS"
  },
  "title" : "GSS"
}
-->

# GSS

Conduct secure, authenticated network transactions.

## Overview

The open source Generic Security Service Application Programming Interface (GSS-API) defines a standardized interface through which the operating system vends secure data transport operations. The GSS framework provides an implementation of the interface and the underlying libraries.

Using GSS-API, you can:

- Create a security context in which data can be passed between applications. A *context* represents a “state of trust” between two applications. Applications that share a context recognize each other and permit data transfers as long as the context lasts.
- Apply one or more types of protection, known as *security services*, to the data to be transmitted. For more on security services, see <doc://com.apple.documentation/documentation/Security>.
- Perform data conversion, error-checking, delegation of user privileges, information display, and identity comparison.

See [RFC 2743](https://tools.ietf.org/html/rfc2743) for the definitive description of the GSS-API 2, and [RFC 2744](https://tools.ietf.org/html/rfc2744) for a description of the related C bindings.

## Topics

### Memory and Context

[Allocating and Releasing Objects](/documentation/GSS/allocating-and-releasing-objects)

Manage memory and object lifetimes.

[Function Status](/documentation/GSS/function-status)

Evaluate return values that most GSS-API functions use to indicate the outcome of an operation.

[Buffer Management](/documentation/GSS/buffer-management)

Allocate and deallocate buffers with structures that hold a variety of data.

[Context Services](/documentation/GSS/context-services)

Use context services to manage secure operations between endpoints.

### Credentials

[Credential Management](/documentation/GSS/credential-management)

Securely establish connections between endpoints.

[Security Mechanisms](/documentation/GSS/security-mechanisms)

Provide a security mechanism for your implementation.

### Names and Object Identifiers

[Name Handling](/documentation/GSS/name-handling)

Manage names for GSS-API principals such as a person, a machine, or an application.

[Object Identifiers](/documentation/GSS/object-identifiers)

Store security mechanisms, QOPs (Quality of Protection values), and name types.

### Messages

[Token Management](/documentation/GSS/token-management)

Establish secure communication with tokens.

[Message Protection](/documentation/GSS/message-protection)

Provide cryptographic protection to secure message integrity.

[Kerberos Implementation](/documentation/GSS/kerberos-implementation)

Establish secure connections using the Kerberos implementation of GSS-API.

### Structure and macros

[Structures and macros](/documentation/GSS/structures-and-macros)


---

Copyright &copy; 2026 Apple Inc. All rights reserved. | [Terms of Use](https://www.apple.com/legal/internet-services/terms/site.html) | [Privacy Policy](https://www.apple.com/privacy/privacy-policy)