The rest services are enabled from an XPages on the client (using the XPages REST component), but not as standalone services. The issue on the client is security. As you know, the client is using ECLs to control what the application can do, like accessing a database, based on the id of the signer. To make this work, we have to know the designer id of the caller, and thus it must come from an XPages as we know it.
In short, enabling standalone REST services raises security challenges. You can do it yourself, by providing a custom servlet, but be careful with the security holes you can open.