You can check the caller’s principal in your public methods using msg.caller, as described here: https://smartcontracts.org/docs/language-guide/caller-id.html
Eg:
public shared(msg) func hello() {
if (msg.caller == allowedPrincipal) {
...
A few more examples are linked here too:
https://forum.dfinity.org/t/which-is-the-best-way-to-set-admin-to-your-application/1621/2?u=ori