I'm working on a project for which I want a website to be interacting with a server that I control. Sending messages is no problem, but my question is about how to securely communicate about a logged-in user. If they've logged in with Google, I can just send the Google id token and verify that from the other server, but that obviously doesn't work if they're just logging in with an e-mail and password. Is it possible to do something similar with the wix session token, where I pass the session token to the other server and then verify it somehow? Or is there another standard way of doing this?