External Collections Security

Hello there, I have to make an app for a client but it requires the database to be outside of Adalo so I will use Xano, but it also wants push notifications and for that I need to have user authentication in Adalo. The question is, what is the best way to secure the endpoints if I can’t use the Xano token?