test.cs

public class CustomActionFilter : ActionFilterAttribute {
  public override void OnActionExecuting(ActionExecutingContext filterContext) {
    if (filterContext.HttpContext.Request.Query["secureID"] != "123") {
      filterContext.Result = new Microsoft.AspNetCore.Mvc.ContentResult() {
        Content = "Access denied"
      };
    }
  }
}