{"id":110550,"date":"2026-05-15T12:00:00","date_gmt":"2026-05-15T12:00:00","guid":{"rendered":"https:\/\/www.red-gate.com\/simple-talk\/?p=110550"},"modified":"2026-05-13T20:10:10","modified_gmt":"2026-05-13T20:10:10","slug":"postgresql-is-removing-md5-authentication-for-passwords-heres-everything-you-need-to-know","status":"publish","type":"post","link":"https:\/\/www.red-gate.com\/simple-talk\/databases\/postgresql\/postgresql-is-removing-md5-authentication-for-passwords-heres-everything-you-need-to-know\/","title":{"rendered":"PostgreSQL is removing MD5 authentication for passwords. Here&#8217;s what it means for your databases"},"content":{"rendered":"\n<p><strong>Upcoming versions of PostgreSQL will be phasing out the MD5 hashing method within the authentication infrastructure of the database, <a href=\"https:\/\/www.postgresql.org\/message-id\/ZwbfpJJol7lDWajL@nathan\" target=\"_blank\" rel=\"noreferrer noopener\">as first suggested by Nathan Bossart<\/a> in 2024. In doing so, PostgreSQL will become a safer and more secure database for everyone. Its architecture will be more resilient to brute-force attacks, more computationally expensive to deal with, and more suitable for secure authentication.<\/strong><\/p>\n\n\n\n<p><strong>In this article, Lukas Vileikis details everything you need to know &#8211; including what this all means for<\/strong> <strong>your application, your database, and your users.<\/strong><\/p>\n\n\n\n<p>In late 2024, a <a href=\"https:\/\/www.postgresql.org\/message-id\/ZwbfpJJol7lDWajL@nathan\" target=\"_blank\" rel=\"noreferrer noopener\">message by Nathan Bossart hit the database spotlight<\/a>. Within it, he proposed a <em>\u201cmulti-year, incremental approach to remove <a href=\"https:\/\/en.wikipedia.org\/wiki\/MD5\" target=\"_blank\" rel=\"noreferrer noopener\">MD5<\/a> password support from <a href=\"https:\/\/www.red-gate.com\/hub\/books\/introduction-to-postgresql-for-the-data-professional\/\" target=\"_blank\" rel=\"noreferrer noopener\">PostgreSQL<\/a>.\u201d<\/em><\/p>\n\n\n\n<p>Before we dive in completely, let&#8217;s establish one important thing first: what exactly is MD5?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-md5-authentication-for-passwords\">What is MD5 authentication for passwords?<\/h2>\n\n\n\n<p><strong>Put simply: it\u2019s a hashing mechanism that was used widely to hash passwords in the past. Hashing is the process of transforming data into a hash value, or, in other words, a string of characters, using a hash function (sort of a formula in math.) <\/strong><\/p>\n\n\n\n<p>Hashes are a one-way function, meaning that it\u2019s impossible to \u201creverse\u201d a hash function (and to know what the hashed value was.) As such, hashing is used for digital fingerprinting and integrity validation &#8211; and there&#8217;s also password hashing.<\/p>\n\n\n\n<p>There are multiple functions incorporating password hashing, all of which are outside the scope of this blog. However, to summarize, these are functions like <a href=\"https:\/\/www.encryptionconsulting.com\/education-center\/what-is-blowfish\/\" target=\"_blank\" rel=\"noreferrer noopener\">Blowfish and BCrypt<\/a>, and others like PBKDF2 &#8211; which we&#8217;ll explore a bit more later.<\/p>\n\n\n\n<p>MD5 <em>used<\/em> to be a popular choice, but technology evolved and MD5 didn&#8217;t. So, it\u2019s now considered outdated and insecure.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-about-postgresql-s-support-for-md5-authentication\">What about PostgreSQL&#8217;s support for MD5 authentication?<\/h2>\n\n\n\n<p><strong>A decade or so ago, when computing power was far smaller than it is now, MD5 was considered an &#8216;okay&#8217; hashing mechanism. As such, many databases &#8211; <a href=\"https:\/\/www.red-gate.com\/simple-talk\/databases\/nosql\/how-to-choose-between-sql-and-nosql-databases\/\" target=\"_blank\" rel=\"noreferrer noopener\">NoSQL<\/a> and SQL-based platforms alike &#8211; quickly implemented MD5 into their architecture. It was simple to implement, came with little overhead, and found other suitable use cases as well.<\/strong><\/p>\n\n\n\n<p>However, as time went on, even news sources like The Register <a href=\"https:\/\/www.theregister.com\/software\/2017\/10\/09\/postgresql-says-scram-to-md5-authentication\/601155\" target=\"_blank\" rel=\"noreferrer noopener\">started picking up on issues with MD5 relating to databases like PostgreSQL<\/a>. <\/p>\n\n\n\n<p>MD5 was farewelled from PostgreSQL\u2019s authentication mechanism back in 2017, switching to <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc7677\" target=\"_blank\" rel=\"noreferrer noopener\">a version of SHA-256<\/a> instead. PostgreSQL took this approach because doing so fixed several weaknesses in how passwords were stored. <\/p>\n\n\n\n<p>With this version of SHA-256, passwords were <a href=\"https:\/\/www.geeksforgeeks.org\/techtips\/what-is-password-salting\/\" target=\"_blank\" rel=\"noreferrer noopener\">&#8216;salted&#8217;<\/a> (a random value would be appended to hashed values making massive values of hashes harder to crack for an attacker). Hashing would be intentionally slower. And, finally, computations on such a hashing algorithm would be far more expensive than on default MD5.<\/p>\n\n\n\n<section id=\"my-first-block-block_755de2dd2c6487ccf75b630402d8eed6\" class=\"my-first-block alignwide\">\n    <div class=\"bg-brand-600 text-base-white py-5xl px-4xl rounded-sm bg-gradient-to-r from-brand-600 to-brand-500 red\">\n        <div class=\"gap-4xl items-start md:items-center flex flex-col md:flex-row justify-between\">\n            <div class=\"flex-1 col-span-10 lg:col-span-7\">\n                <h3 class=\"mt-0 font-display mb-2 text-display-sm\">Protect your data. Demonstrate compliance.<\/h3>\n                <div class=\"child:last-of-type:mb-0\">\n                                            With Redgate, stay ahead of threats with real-time monitoring and alerts, protect sensitive data with automated discovery &#038; masking, and demonstrate compliance with traceability across every environment.                                    <\/div>\n            <\/div>\n                                            <a href=\"https:\/\/www.red-gate.com\/solutions\/use-cases\/security-and-compliance\/\" class=\"btn btn--secondary btn--lg\" aria-label=\"Learn more: Protect your data. Demonstrate compliance.\">Learn more<\/a>\n                    <\/div>\n    <\/div>\n<\/section>\n\n\n<h2 class=\"wp-block-heading\" id=\"h-postgresql-removing-md5-how-it-came-to-be\">PostgreSQL removing MD5: how it came to be<\/h2>\n\n\n\n<p><strong>First, it&#8217;s important to note that PostgreSQL&#8217;s developers have <em>only started taking the steps<\/em> to effectively suspend support for MD5 hashing going forward. So, for now, MD5 is still supported &#8211; but with caveats:<\/strong><\/p>\n\n\n<div class=\"block-core-list\">\n<ul class=\"wp-block-list\">\n<li><strong>PostgreSQL v18 should deprecate MD5<\/strong> by including notes in the documentation and release notes saying that <em>&#8216;MD5 is now deprecated and will be removed in the near future.&#8217;<\/em><br><br><\/li>\n\n\n\n<li><strong>PostgreSQL v19 should allow authentication and upgrades using MD5<\/strong> &#8211; but forbid creating new accounts using MD5 as the hashing mechanism.<br><br><\/li>\n\n\n\n<li><strong>PostgreSQL v20 should drop MD5 as a method for authentication.<\/strong><br><br><\/li>\n\n\n\n<li><strong>PostgreSQL v21 should remove all remaining support for MD5 within PostgreSQL.<\/strong><\/li>\n<\/ul>\n<\/div>\n\n\n<p>Here\u2019s a graph to make everything simpler to understand:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"379\" src=\"https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-25-1024x379.png\" alt=\"A Graph Depicting Support for MD5 in PostgreSQL\" class=\"wp-image-110551\" srcset=\"https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-25-1024x379.png 1024w, https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-25-300x111.png 300w, https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-25-768x284.png 768w, https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-25.png 1035w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>MD5 support in PostgreSQL<\/em><\/figcaption><\/figure>\n\n\n\n<p><strong>The point here is simple: MD5 is being sunsetted, and the phaseout has begun.<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-today-s-better-options-scram-md5-and-pbkdf2\">Today&#8217;s &#8216;better&#8217; options: SCRAM, MD5, and PBKDF2<\/h2>\n\n\n\n<p>I\u2019ve already explained what MD5 is, and touched upon other hashing mechanisms like Blowfish and BCrypt. I also mentioned <a href=\"https:\/\/en.wikipedia.org\/wiki\/PBKDF2\" target=\"_blank\" rel=\"noreferrer noopener\">PBKDF2<\/a> as another alternative &#8211; but what exactly is it?<\/p>\n\n\n\n<p><strong>PBKDF2 (Password-based Key Derivation Function 2) is a function used to turn a value (usually a password) into a secure hash designed to resist brute-force attacks.<\/strong><\/p>\n\n\n\n<p>PBKDF2 works by repeatedly performing hashing an ungodly number of times (sometimes even millions) and, by doing so, significantly increases the effort required for a password to be cracked. It&#8217;s widely used in extremely security-sensitive applications, such as password managers and <a href=\"https:\/\/www.red-gate.com\/simple-talk\/databases\/sql-server\/learn\/sql-server-authentication-methods\/\" target=\"_blank\" rel=\"noreferrer noopener\">authentication<\/a> systems.<\/p>\n\n\n\n<p>Some password managers like 1Password <a href=\"https:\/\/support.1password.com\/pbkdf2\/\" target=\"_blank\" rel=\"noreferrer noopener\">even have entire threads explaining how they use PBKDF2 to secure your most valuable assets<\/a>. Most valuable assets are the likes of credit cards and passwords.<\/p>\n\n\n\n<p>Understanding PBKDF2 is crucial for understanding how PostgreSQL approaches password hashing in the present day. I mentioned earlier that PostgreSQL switched from MD5 to SCRAM-SHA-256. Well, SCRAM-SHA-256 includes PBKDF2 by default. <\/p>\n\n\n\n<p>Here\u2019s what that means:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>SCRAM-SHA-256<\/strong><\/td><td><strong>MD5<\/strong><\/td><\/tr><tr><td>Suitable for secure authentication.<\/td><td>Suitable for checksums and fast data hashing.<\/td><\/tr><tr><td>Modern standard for authentication.<\/td><td>Outdated and deprecated.<\/td><\/tr><tr><td>Very resistant to brute-force attacks because of PBKDF2.<\/td><td>Not resistant to brute-force attacks.<\/td><\/tr><tr><td>Uses salting by default.<\/td><td>Doesn\u2019t use salting by default.<\/td><\/tr><tr><td>Not vulnerable to <a href=\"https:\/\/jumpcloud.com\/it-index\/what-is-a-hash-collision\" target=\"_blank\" rel=\"noreferrer noopener\">hash collision attacks<\/a>.<\/td><td>Vulnerable to <a href=\"https:\/\/jumpcloud.com\/it-index\/what-is-a-hash-collision\" target=\"_blank\" rel=\"noreferrer noopener\">hash collision attacks<\/a>.<\/td><\/tr><tr><td>Recommended by security experts as the go-to method for hashing passwords.<\/td><td>Not recommended by security experts due to vulnerability to hash collision and a variety of other issues.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><strong>SCRAM-SHA-256 implements PBKDF2 by default &#8211; while other hashing algorithms do not<\/strong>. <strong>This may well be the main reason it&#8217;s been chosen over MD5 as the default method for hashing in PostgreSQL.<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-so-postgresql-is-implementing-scram-sha-256-what-does-that-mean-for-you\">So, PostgreSQL is implementing SCRAM-SHA-256. What does that mean for you?<\/h2>\n\n\n\n<p><strong>PostgreSQL implementing SCRAM-SHA-256 into its infrastructure means that, upon login, it will now peruse SCRAM verifiers rather than MD5 hashes.<\/strong> <\/p>\n\n\n\n<p>In effect, functions that authenticate users in PostgreSQL will now look similar to this one:<\/p>\n\n\n\n<p><code>Verifier = PBKDF2<sub>SHA256<\/sub>(password, salt, iterations)<\/code><\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-deriving-a-verifier-in-this-way-improves-password-security-in-postgresql-because\">Deriving a verifier in this way improves password security in PostgreSQL because:<\/h4>\n\n\n<div class=\"block-core-list\">\n<ol class=\"wp-block-list\">\n<li>Each password comes with a &#8216;salt&#8217;;<br><br><\/li>\n\n\n\n<li>PBKDF2 slows down brute-force attacks;<br><br><\/li>\n\n\n\n<li>Iterations slow down &#8216;cracking&#8217;<br><br><\/li>\n\n\n\n<li>SHA-256 is a stronger hashing mechanism than MD5.<\/li>\n<\/ol>\n<\/div>\n\n\n<h4 class=\"wp-block-heading\" id=\"h-in-simpler-terms-the-verifier-is-derived-by-performing-these-four-steps\">In simpler terms &#8211; the verifier is derived by performing these four steps:<\/h4>\n\n\n<div class=\"block-core-list\">\n<ol class=\"wp-block-list\">\n<li>Hashing the user\u2019s password thousands of times using SHA-256<br><br><\/li>\n\n\n\n<li>Adhering to the number of iterations given when hashing the password<br><br><\/li>\n\n\n\n<li>&#8216;Salting&#8217; it (so that huge volumes of passwords are harder to crack)<br><br><\/li>\n\n\n\n<li>Producing a hardened cryptographic key using PBKDF2<\/li>\n<\/ol>\n<\/div>\n\n\n<h4 class=\"wp-block-heading\" id=\"h-while-these-steps-improve-security-there-are-two-downsides-to-consider\">While these steps improve security, there are two downsides to consider:<\/h4>\n\n\n<div class=\"block-core-list\">\n<ol class=\"wp-block-list\">\n<li>Authentication will take a longer time to process due to the hashing method being stronger<br><br><\/li>\n\n\n\n<li>CPU (central processing unit) usage is likely to spike on occasions, as the method used for hashing is computationally expensive<\/li>\n<\/ol>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\" id=\"h-scram-sha-256-and-pbkdf2-in-postgresql-other-points-to-consider\">SCRAM-SHA-256 and PBKDF2 in PostgreSQL: other points to consider<\/h2>\n\n\n\n<p>PostgreSQL scrapping MD5 in favor of SCRAM-SHA-256 and PBKDF2 affects the authentication infrastructure of your database &#8211; but not necessarily the passwords your application stores for its own users.<\/p>\n\n\n\n<p><strong>Put simply, using a different hashing mechanism affects the users inside of PostgreSQL: their roles, database authentication, and the credentials you use to connect to the database itself. However, it does <em>not<\/em> affect the passwords you store when your users register to use your application.<\/strong><\/p>\n\n\n\n<p>This means that when you build (or even <a href=\"https:\/\/www.red-gate.com\/simple-talk\/ai\/vibe-coding-and-databases-the-hidden-risks-of-ai-generated-database-code\/\" target=\"_blank\" rel=\"noreferrer noopener\">&#8216;vibe code&#8217;<\/a>) your application, you can register users <em>while<\/em> hashing their passwords. Just use any safe hashing method (e.g. BCrypt or Blowfish), and store them with or without a &#8216;salt&#8217; &#8211; that&#8217;s up to you.<\/p>\n\n\n\n<p><em><strong>This update does not affect the ability to store passwords belonging to the users of your application.<\/strong><\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-in-summary\">In summary<\/h2>\n\n\n\n<p>If you desire, I propose you read how this issue was approached by the engineers at EDB itself \u2013 their comments can be found <a href=\"https:\/\/www.postgresql.org\/message-id\/CAGECzQSQSMGr_nbXhSHiEsXFNbD-NdiZQ0T%2Bpu7P%3DqsfYXzCkQ%40mail.gmail.com\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>, <a href=\"https:\/\/www.postgresql.org\/message-id\/CAKAnmmK73voOLA59G9sXjRuVZgNy8nT2Cmcxk-k6EZ3s3q%2BwOw%40mail.gmail.com\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>, <a href=\"https:\/\/www.postgresql.org\/message-id\/a19ed13d-f69e-4644-9c96-1e18aa7d6550%40postgresql.org\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>, and <a href=\"https:\/\/www.postgresql.org\/message-id\/7e9e3d30-f7f4-460f-a626-6cfad419d6cd%40iki.fi\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>. You will see them mentioning that removing support for MD5 in full isn\u2019t going to be pretty as there\u2019s a lot of baked-in things still around in PostgreSQL.<\/p>\n\n\n\n<p>In general, though, Nathan&#8217;s initial idea of dropping support for MD5 was received very well. It remains to be seen how  long this &#8216;sunsetting&#8217; process will take, but we\u2019re definitely stepping in the right direction.<\/p>\n\n\n\n<section id=\"my-first-block-block_56b09b48d2acf89cf8ef6ce7e8bf12fd\" class=\"my-first-block alignwide\">\n    <div class=\"bg-brand-600 text-base-white py-5xl px-4xl rounded-sm bg-gradient-to-r from-brand-600 to-brand-500 red\">\n        <div class=\"gap-4xl items-start md:items-center flex flex-col md:flex-row justify-between\">\n            <div class=\"flex-1 col-span-10 lg:col-span-7\">\n                <h3 class=\"mt-0 font-display mb-2 text-display-sm\">Free desktop tool for fast PostgreSQL monitoring and diagnostics<\/h3>\n                <div class=\"child:last-of-type:mb-0\">\n                                            Stay in control of PostgreSQL performance with Redgate pgNow \u2013 a free desktop tool for fast, focused diagnostics. No agents, no setup, just actionable insights when you need them.                                    <\/div>\n            <\/div>\n                                            <a href=\"https:\/\/www.red-gate.com\/products\/redgate-pgnow\/\" class=\"btn btn--secondary btn--lg\" aria-label=\"Learn more &amp; download now: Free desktop tool for fast PostgreSQL monitoring and diagnostics\">Learn more &amp; download now<\/a>\n                    <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"faq\" class=\"faq-block my-5xl\">\n    <h2>FAQs: PostgreSQL removing MD5 password authentication<\/h2>\n\n                        <h3 class=\"mt-4xl\">1. Why is PostgreSQL removing MD5 support?<\/h3>\n            <div class=\"faq-answer\">\n                <p>MD5 is outdated and vulnerable to brute-force and hash collision attacks. PostgreSQL is replacing it with SCRAM-SHA-256, which uses PBKDF2, salting, and stronger SHA-256 hashing for significantly better security.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">2. When will PostgreSQL fully remove MD5?<\/h3>\n            <div class=\"faq-answer\">\n                <p class=\"font-claude-response-body break-words whitespace-normal leading-[1.7]\">The phaseout spans four major versions: deprecated in v18, new accounts blocked in v19, authentication dropped in v20, and all remaining MD5 support removed in v21.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">3. What is SCRAM-SHA-256, and why is it better than MD5?<\/h3>\n            <div class=\"faq-answer\">\n                <p>SCRAM-SHA-256 is a modern authentication standard that uses PBKDF2, salting, and thousands of hashing iterations \u2014 making it far more resistant to brute-force attacks than MD5.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">4. Does this change affect the passwords my application stores for its users?<\/h3>\n            <div class=\"faq-answer\">\n                <p>No. This only affects PostgreSQL&#8217;s internal authentication (database roles and connection credentials), not the passwords your application stores for its own registered users.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">5. What should developers do to prepare for the MD5 removal?<\/h3>\n            <div class=\"faq-answer\">\n                <p>Migrate any existing MD5-authenticated roles to SCRAM-SHA-256 now. Check your <code class=\"bg-text-200\/5 border border-0.5 border-border-300 text-danger-000 whitespace-pre-wrap rounded-[0.4rem] px-1 py-px text-[0.9rem]\">pg_hba.conf<\/code> and connection strings, and ensure your PostgreSQL client libraries support SCRAM authentication.<\/p>\n            <\/div>\n            <\/section>\n","protected":false},"excerpt":{"rendered":"<p>PostgreSQL is phasing out MD5 authentication across versions 18\u201321, replacing it with SCRAM-SHA-256. Here&#8217;s what it means for your database and applications.&hellip;<\/p>\n","protected":false},"author":339547,"featured_media":105920,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[143523,53,143534,143530,46],"tags":[4168,4170,158978,4619,5765],"coauthors":[146040],"class_list":["post-110550","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-databases","category-featured","category-postgresql","category-security","category-security-and-compliance","tag-database","tag-database-administration","tag-postgresql","tag-security","tag-security-and-compliance"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/110550","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/users\/339547"}],"replies":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/comments?post=110550"}],"version-history":[{"count":7,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/110550\/revisions"}],"predecessor-version":[{"id":110598,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/110550\/revisions\/110598"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/media\/105920"}],"wp:attachment":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/media?parent=110550"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/categories?post=110550"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/tags?post=110550"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/coauthors?post=110550"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}