I am looking at System.Security.Cryptography.ProtectedData.Protect @ https://learn.microsoft.com/en-gb/dotnet/api/

as we are looking to port a library from .NET Framework 4.7 to .NET Standard 2.0 to be used by .NET Core 2.0. I did a search and it only available in the full .NET Framework and .NET Core.

My question is, why is it not available in .NET Standard 2.0?

I would have thought that if it can be used in, for example, .NET Framework 4.7 and .NET Core 2.0 then it would also be part of .NET Standard 2.0

This API is not available "in" .NET Standard 2.0, but it is available "for" .NET Standard 2.0 as a "Platform Extension" which means that there is a NuGet package you have to add to get support for it.

If you add a reference to the System.Security.Cryptography.ProtectedData NuGet package, you can develop a .NET Standard library that uses these APIs.

However, this support only works when run on Windows, since those APIs are described as

Provides access to Windows Data Protection Api.

so it won't work on platforms other than Windows. Depending on your needs, this may be just fine.

If you are looking to implement similar concepts cross-platform, I suggest looking into the ASP.NET Core Data Protection APIs which could also be used outside of the context of an ASP.NET Core app since it is made out of NuGet packages that provide cryptographic logic and key storage solutions (e.g. directory, windows certificate stores, Azure KeyVault).

ProtectedData uses DPAPI from Windows. I created the library CrossProtectedData that uses ProtectedData in Windows and AspNetCore.DataProtection when running in non-Windows.

To use, simply add the NuGet package CrossProtect and replace any calls to ProtectedData with CrossProtect. Example:

using Integrative.Encryption;
using System;
using System.Security.Cryptography;
using System.Text;

namespace CrossProtectedExample
{
    class Program
    {
        static void Main(string[] args)
        {
            // our text to protect
            var text = "Hello!";

            // get bytes from text
            var bytes = Encoding.UTF8.GetBytes(text);

            // optional entropy
            var entropy = new byte[] { 100, 25, 31, 213 };

            // protect (encrypt)
            var protectedBytes = CrossProtect.Protect(bytes, entropy,
                DataProtectionScope.CurrentUser);

            // unprotect (decrypt)
            var unprotected = CrossProtect.Unprotect(protectedBytes, entropy,
                DataProtectionScope.CurrentUser);

            // convert bytes back to text
            var result = Encoding.UTF8.GetString(unprotected);

            // print result
            Console.WriteLine(result);
            Console.ReadKey();
        }
    }
}

Firstly

I can't answer for Microsoft

tl;dr

A lot of these questions can be answered with: if you need APIs found in .NET Framework, use the .NET Framework.

Longer form answer

A large number of the APIs found in .NET Framework either rely on underlying Windows libraries (which aren't available on MacOs or Linux distros) or they are currently too complex to implement, as such they are not available for .NET Core.

If there is an API you need access to which is only available in .NET Framework, then (for the time being) it's best to use .NET Framework rather than .NET Core/Mono/etc.

If you have a compelling reason for something to be included in .NET Standard, then I would head over to the .NET Standard GitHub repo and ask for it to be implemented there.