Setting up a database table to store user information and have a webAPI method to login is just the beginning. Once logged in, returning a token for subsequent calls can make staying signed in convenient. Save the initial token passed back by the API and then add that to the header of future calls. In this token you can store roles and policies to further secure the application. This course will review the roles-based authentication and even show how to use an Enum to set those roles allowed to call certain methods.