From your comment, it seems you do not have a separate identity provider, but that a Mendix application authenticates users based on local accounts. I will use this as an assumption.
If you control both the Mendix application and the backend API's, you have many options. It really depends on your use case.
- Back end API is called from browser:
- Use JWT's (the AppStore has a nice module for this)
- Share a secret (key or passphrase) between Mendix and API,
- Create a JWT in Mendix app,
- Send object with JWT to client,
- Use the JWT to authenticate with the API,
- API validates the JWT with the shared secret,
- Back end API is called from Mendix:
- Basic authentication, send user as parameter,
- This is probably the easiest solution
- Use JWT's
- Same as above, except the JWT does not go to the client,
- Use OAuth
- I would not recommend this, as there is no AppStore support for this