I would say between your ASP.Net WebAPI and Strapi absolutely. We do plan to natively include API tokens (if fact it will become the default and the users-permissions system will an optional plugin) in the future. But in the short term the guide you linked is the best way to get started.
As long as the API tokens are kept server side and not shared in any client side (or client side rendered application like react) it should be fine.