we have a Windows environment running a web MVC app with .net core 3.1 configured with windows authentication only.
We have a Web Api controller where we need to secure a
