I have an ASP.NET Core 7 MVC web application that has full user authentication, but also has a couple of API endpoints. A need has arisen for us to allow authentication on those endpoints using client certificates, instead of username/password. Is this possible?