Mike,
in your Synergy REST APIs Course Exercise Instructions there is a problem with Securing the API.
In the Procedure OnPreRequest you use (ComparePasswords(ghoWebSessionManager,

This method requires use cWebSessionManagerStandard.pkg, and if you use that you have to handle all stuff with the session, which you said not is desirable for the WebService.

I solved this thru making my own method in the same place and not use the cWebSessionManagerStandard.pkg

PHP Code:
                                                         Procedure OnPreRequest ...
     
Get ComparePasswords (Trim(WebAppUser.Password)) tCreds.sPassword to bOK
     
If bOK Set psUsername to tCreds.sUserName
End_Procedure

Function ComparePasswords String sUserPassword String sEnteredPassword Returns Boolean
     Function_Return 
(sUserPassword sEnteredPassword)
    
End_Function 
Just for your knowing...