Devhub Issue: BC Government API Guidelines [API creation with the focus on security by design]

[RPETHAN]

path: (do not delete) https://github.com/bcgov/api-guidelines/blob/master/government-of-british-columbia-api-guidelines.md
(do not delete) devhub page: undefined

Devhub Content Issue

API with security by design is briefly mentioned, OWASP security principles can be a good reference for that. https://github.com/OWASP/DevGuide/blob/master/02-Design/01-Principles%20of%20Security%20Engineering.md

the focus also should be on layered security design (with the security of data not just to be managed at the API level but across all levels), on how to minimize the impact of data exposure (with the least common and least privilege security principles ), when an API is compromised.