bcgov / api-guidelines

BC Government API Guidelines
https://developer.gov.bc.ca/Data-and-APIs/BC-Government-API-Guidelines

From NRM Information Security #13

Open mpilchar opened 5 years ago

mpilchar commented 5 years ago

Looking through the OWASP REST security recommendations, I don’t think you missed anything.

https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/REST_Security_Cheat_Sheet.md

Perhaps providing the above reference in the doc would be helpful, though, as a bit more detail and examples are available there. I realize we don’t want to overload the guidelines.

jeff-card commented 5 years ago

Thank you for your comment! A peer review was held on August 9th and we have the following feedback:

Good thinking - We will add a linked reference to OWASP REST as a bullet under “Security by Design”.