Domino REST API is (in my admittedly somewhat biased opinion) the best easy method for creating a secure REST API into Domino. If you have very strong Java skills, an OSGi plugin using JAX-RS is the standard supported way. If you have good Java skills, Jesse Gallagher's JakartaEE project is the community approach. But even if you have those skills, Domino REST API may provide what you need. It certainly provides what I need for this project.
Earlier this week I was working with Domino REST API for a personal project and encountered what appeared to be a bug. It was a very strange issue, but one that had a simple cause that was ultimately easy to verify. Shortly after joining HCL I wrote a blog post on troubleshooting support. If you didn't read that blog post at the time or need a refresher, it's probably one of the most important blog posts I've ever written and most of what I covered in that blog post was relevant to solving this problem. Coincidentally, what I wrote about understanding in my most recent blog post was also crucial.