Hi there,
I'm a Canadian Web Developer with over 10 years of experience creating and working with REST APIs (and SOAP before that).
For the security/authentiction, I prefer to use JWTs (JSON Web Tokens). This is industry standard and very secure when implemented properly.
I prefer to use a PHP framework for developing APIs and API Gateways, although I'm open to other language/framework pairings as well. I prefer Phalcon and Laravel.
I'm interested to hear more details about this project, please do let me know.
If we don't end up working on this together, good luck with your project!