Try start your project in the console with the command
dotnet new webapi -au Individual
You can open your project in VS after that. (to work around the dialog). Then you can use for example the authorize-attribute.
But the project is still configured to use Azure Bearer Authentication.
You have to decide where to get identity from.
You can take identityserver4 or build your own “Custom storage providers for ASP.NET Core Identity” (MS-Docs)
The difference to MVC WebApp: here you have an account controller with views to handle registrations and get a username and password and so forth.