Asp.net membership has user roles, you can use it to authorize users to some parts of your api.
- Give "GroupA" or "GroupB" role to a user during registration.
- Properly set principals after authenticate.
- Use System.Web.Http.AuthorizeAttribute to authorize
public class FooController : ApiController
{
[Authorize(Roles = "GroupA")]
public void GetOnlyForGroupA(){}
[Authorize(Roles = "GroupB")]
public void GetOnlyForGroupB(){}
public void GetForBoth(){}
}