A simple way to use tokens in HTTP requests for authentication in Web API with [Authorize] attribute including Identity, Principal and Roles. Sample code: https://gist.github.com/wolfspelz/a080601bbd3988782701 Valid tokens are stored statically in Azure-CloudConfigurationManager. This can be changed easily to check a real database of tokens. _happy_authenticating()