Question
Which TLS Cipher Suites are supported with the Vonage Video API?
Applies To
- TLS Cipher Suites
- Video API
Answer
The Vonage Video API platform now supports TLS 1.3, in addition to TLS 1.2. TLS 1.3 support is available for both the OpenTok and Unified environments, and was enabled for the OpenTok environment on February 18, 2026.
For more details about supported TLS versions and security recommendations, see environment-specific documentation:
- OpenTok environment: https://tokbox.com/developer/guides/security/#security--transport-layer
-
Unified environment: https://developer.vonage.com/en/video/guides/security#security--transport-layer
Not sure which environment you are using? See How to recognize if I’m using Vonage Video API Unified Environment or Vonage Video API OpenTok environment?
On September 1, 2020, Vonage deprecated several older cipher suites supported by the Vonage Video API SIP Interconnect feature. These ciphers are used for SIP over TLS.
Since March 22, 2021, this deprecation has been extended to all Vonage Video API platform services that use TLS. See the list below for details of supported cipher suites and information about the removal of TLS 1.1 for supported TLS versions.
Supported Ciphers
Please see the lists below for supported cipher suites by environment and TLS version. The actual cipher suite used is negotiated during the TLS handshake and may vary depending on the endpoint.
OpenTok environment
If you are using the OpenTok environment, see the lists below.
| TLS Version | Supported Cipher Suites |
| TLS 1.3 |
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 |
| TLS 1.2 |
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 |
Unified environment
If you are using the Unified environment, see the lists below.
| TLS Version | Supported Cipher Suites |
| TLS 1.3 |
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 |
| TLS 1.2 |
ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES128-SHA ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES256-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA |
EU proxy
The EU proxy uses the same cipher configuration for both the OpenTok and Unified environments.
| TLS Version | Supported Cipher Suites |
| TLS 1.3 |
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 |
| TLS 1.2 |
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA |
Articles in this section
- Unauthorized access to video sessions
- How to get copy of Service Agreement for Video API account?
- What security features does Vonage Video API implement?
- What are the implications of encryption on my app?
- Which TLS Cipher Suites are supported with the Vonage Video API?
- Where are the Media Encryption Keys created?