Hello,
It depends on purpose of your web Api. For example if you exposing Api to public just like Google Adwords and Yahoo Gemini also you dont want to use username/password for each protected resource. Go for Token based authentication.
For general purpose I will suggest you to use Token based.
Quote:
The general concept behind a token-based authentication system is simple. Allow users to enter their username and password in order to obtain a token which allows them to fetch a specific resource - without using their username and password. Once their token has been obtained, the user can offer the token - which offers access to a specific resource for a time period - to the remote site.
Asp.Net Identity is best suited for Organizational Api like Financial applications, Human resource and services. You can protect your API based on Roles and authentication. On each request you have to authenticate your self by username/password etc.
Asp.Net Identity provide you huge verity and support OAuth integration, works with OWIN.