Open
Description
Looking through the OWASP REST security recommendations, I don’t think you missed anything.
https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/REST_Security_Cheat_Sheet.md
Perhaps providing the above reference in the doc would be helpful, though, as a bit more detail and examples are available there. I realize we don’t want to overload the guidelines.
Activity