SecuritySSPI

SecuritySSPI, commonly referred to as SSPI, is a Windows API that enables applications to perform authentication and secure communications without hard-coding a particular authentication protocol. It provides a unified interface for negotiating credentials, establishing security contexts, and protecting messages, while delegating the details of the chosen mechanism to underlying security providers.

Applications call functions such as AcquireCredentialsHandle, InitializeSecurityContext, AcceptSecurityContext, EncryptMessage, and DecryptMessage to acquire credentials, negotiate an

SSPI is implemented by security providers called SSPs. Common examples include Kerberos SSP, NTLM SSP, and Negotiate

The interface enables Windows components and third‑party software to perform single sign‑on and mutual authentication, with

SSPI can be accessed from native Windows applications and via language bindings in .NET and other environments.