The most common form of encryption used to secure web services and the web in general is HTTPS. Unlike HTTP, which exchanges data between servers and clients in plain text, HTTPS encrypts the content of requests and responses so that they appear opaque to anyone listening on the network.

The literature on HTTPS is vast and readily available. In addition, support for HTTPS in software packages and hardware that is typically used in web services deployments is abundant. For these reasons, this section will not delve further into the details of using HTTPS. With the exception of building URLs for redirection, the use of a secure communication protocol has little impact on the implementation of a RESTful web service.