Oauth authorization proxy help

[Aniello Lettieri]

Hello, can membrane help me in this scenario?

React app (without backend) that authenticates to microsoft with msal library and obtains access and id token.

This app at the moment calls a web api with basic auth , wich is insecure since it's javascript code.

I want to secure the calls using the token doing all the requests from the app to membrane, removing username and password from js code;

Membrane should validate the token, check if the username is in a list of enabled users and make the request to the api using basic auth, then return the response to the app.

Is that possible? What are some key configuration tips? Thank you very much!!