Two Factor authentication in Web Api mvc

        //[ValidateAntiForgeryToken]
        [HttpPost]
        public async Task<ActionResult> Login(Login model, string returnUrl)
        {
            /*This will depend totally on how you will get access to the identity provider and get your token, this is just a sample of how it would be done*/
            /*Get Access Token Start*/
            HttpClient httpClient = new HttpClient();
            httpClient.BaseAddress = new Uri("https://localhost:44327/Token");
            var postData = new List<KeyValuePair<string, string>>();
            postData.Add(new KeyValuePair<string, string>("Username", model.UserName));
            postData.Add(new KeyValuePair<string, string>("Email", model.Email));
            postData.Add(new KeyValuePair<string, string>("Password", model.Password));
            postData.Add(new KeyValuePair<string, string>("grant_type", "password"));
            HttpContent content = new FormUrlEncodedContent(postData);


            HttpResponseMessage response = await httpClient.PostAsync("https://localhost:44327/Token", content);
            // response.EnsureSuccessStatusCode();
            string AccessToken = response.Content.ReadAsStringAsync().Result;
            //string AccessToken = /*Newtonsoft.Json.*/JsonConvert.DeserializeObject<string>(result);
            /*Get Access Token End*/
           
            if (AccessToken.Length >= 200)
            {
                
                TempData["userid"] = "userid";
                TempData["name"] = model.UserName;
                return RedirectToAction("Home");
            }

            ModelState.AddModelError("Username", "Username and password is not valid");
            return View(model);
        }