Best way to Authenticate Plug API

Hi, I am currently working on a Plug REST API, and am looking for ways to authenticate requests to the endpoints.

Upon my research, I came across HMAC and oAuth2.0. But am confused how to use any of these.

Any help on choosing or is there any other way to achieve this?


Our company doesn’t use Elixir, but we do it this way. We just have something like account/login endpoint that creates httponly cookie that contains JWT token for user. In Elixir you would just create a plug that validates that Cookie with JWT token and gets current user from it in every request.