Then I will be clear , you're developing the backend with laravel . and the frontend probably Angularjs or React . These two applications are to communicate with each other on the basis of politice , so they must be authenticated and the easiest way is to use JWT Auth . but it is not enough to be safe you will also use policy and other methods .... https://www.toptal.com/web/cookie-free-authentication-with-json-web-tokens-an-example-in-laravel-and-angularjs https://scotch.io/tutorials/token-based-authentication-for-angularjs-and-laravel-apps https://scotch.io/tutorials/role-based-authentication-in-laravel-with-jwt
JWT Auth him then use both the frontend and for the backend. Auth token , and you can support depends on how hard you want to be . personally I advise you to integrate them both. sometimes even the token must be notarized.
The token is passed in the request and can be validated in the middleware before the request is actually executed.