Are there any best practices to integrate with the authentication service?

Currently the response comes to the frontend. How to check that in backend so that the users can't fake it to pass the screen?

Are there any best practices to integrate with the authentication service?

All server-to-server calls use a basicauth token/secret defined in the config file.

Currently the response comes to the frontend

Not sure what you mean by this. Whatever user input is passed from the frontend is validated at the backend.

@knadh Got it. Thank you.