React app (without backend) that authenticates to microsoft with msal library and obtains access and id token.
I want to secure the calls using the token doing all the requests from the app to membrane, removing username and password from js code;
Membrane should validate the token, check if the username is in a list of enabled users and make the request to the api using basic auth, then return the response to the app.
Is that possible? What are some key configuration tips? Thank you very much!!