There are many format standards for web services (XML, JSON, etc),. There seems to be a lot of legacy apps using XML, but most of the energy seems to be moving towards JSON.
What I need to implement now is some sort of identity protection, and I have little experience in this. What is the most common form (SAML, Kerberos, etc) that will pass basic (nothing fancy) credentials? Is there a standard that is developing momentum (like JSON).