How to issue markers from an MVC web app for web API

I'm trying to figure out if this is an anti-pattern or if this is a valid way to do things.

I have an MVC5 web application that is accessing a web API. I am managing identity through ASP.NET 2 identity through MVC application.

I am trying to figure out how to release an OAUTH2 bearer token from an MVC application to submit to the web API, and then how to access the claims from the token to the API.

I am assuming the app and the API share a machine key to somehow decrypt the token in the API (correct me if I'm wrong), but how do I get the token out of the app correctly? Is it fair to assume that I can just use the OAuthAuthorizationServerOptions to create a token endpoint in an MVC app, and then get the token here before calling the web API?

This all makes sense to me, I'm just looking for confidence that this is the right thing to do or is doing something in this scenario.