1👍
Yes, authentication should work between two different servers, if you set it up correctly.
The type of authentication you should use depends on your use case. You should choose the one that best suits your needs.
As for storing the token, it also depends:
-
If you have a short-lived JWT, you could store it on the local storage, but it is vulnerable to XSS attacks.
-
If you have a longer lived JWT, you could store it in a cookie with HTTP-Only and Secure flags enabled. But this means that your frontend and backend must be on the same domain.
But again all of this depends on your particular use case.
Finally, since you mentioned that the backend and frontend are in different servers, I am assuming that they are hosted in different domains or subdomains. If this is the case, be sure to configure CORS on your backend so that you can receive requests from the React app.