Implement Security Features: API should only be usable with a valid CAS jwt