You are developing a new API that needs to be managed through Azure API Management. You want to ensure that only authenticated users can access your API and that usage is tracked effectively. Which of the following policies can you implement to achieve this?