Best practice for managing custom token authentication

Hello all,
I want to develop a plugin that can query data by connecting to my API in Grafana. However, in order to call these services, I first need to authorize by getting a token with username, password. And this service returns me a expireTime. So, I need to refresh this token after the expire time has passed.

Is there a way to solve this structure with the datasource plugin on the client side? For example, by setting an authToken to the proxy route (my API only supports application/json) or by taking the token in datasource.ts and setting the token to secureJsonData in datasource.ts? Or do I need to develop a backend plugin to manage this authentication mechanism?