How would you secure a web API in a .NET application using modern authentication standards at Kanini?