What is the best practice about sending token to client ?

[kursatsmsek]

Hello and thanks for this awesome configuration.

I'm not sure about sending token as url param to client devices. Is there any better solution? Of course I want to keep token for my next request but on the frontent side, getting token and redirect to other page process is not seems good. I have questions authenticating user on the backend side, is using client side authenticating better?

I'm not sure and need help. Thanks in advance.