You can integrate your solutions with the service package in two ways:
Server-less - using the REST-like service APIs (e.g. Suite - Device Provisioning, Things HTTP API 2, Hub Device Registry etc.)
Building an own backend and using for example a Java client that communicates to our services.
On all APIs the service package will protect its functionality and your data by using
Authentication to make sure the requester is the one he states
Authorization to make sure the requester is allowed to see, use or change the information he wants to access
Identification of your solution whenever an API is called