
Securely calling an asp.net mvc action method Using WebClient or calling it directly from the global.asax


I have the following ScanServer() action method inside my ASP.NET MVC web application, which exposes a web service:

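[HttpPost]
public async Task<ActionResult> ScanServer(string FQDN)
{
    // Expected token, stored in the web.config appSettings
    string ValidToken = System.Web.Configuration.WebConfigurationManager.AppSettings["Token"];

    // Token presented by the caller in the Authorization header
    string tokenfrom = Request.Headers.Get("Authorization");

    if (tokenfrom != ValidToken)
    {
        return new HttpStatusCodeResult(403, "request failed");
    }
    // ... (rest of the method is not shown in the post)
}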

Now, as shown in the above method, I am extracting the authorization token from the POST request and comparing it with the valid token stored inside the web.config. Now I am calling the ScanServer() action method as follows from external systems:

using (WebClient wc = new WebClient())
{
    string url = currentURL + "home/scanserver";
    var args = new NameValueCollection { { "FQDN", "allscan" } };
    wc.Headers.Add("Authorization", token);
    var json = await wc.UploadValuesTaskAsync(url, args);
    TempData["messagePartial"] = string.Format("Scan has been completed. Scan reported generated");
}

All of the above is working well. But now I want to call the ScanServer() action method from the same application on a timely basis inside the global.asax, as follows:

public class MvcApplication : System.Web.HttpApplication
{
    static void ScheduleTaskTrigger()
    {
        HttpRuntime.Cache.Add("ScheduledTaskTrigger", string.Empty, null,
            Cache.NoAbsoluteExpiration, TimeSpan.FromMinutes(10),
            CacheItemPriority.NotRemovable,
            new CacheItemRemovedCallback(PerformScheduledTasks));
    }

    static void PerformScheduledTasks(string key, Object value, CacheItemRemovedReason reason)
    {
        string currentURL = System.Web.Configuration.WebConfigurationManager.AppSettings["scanningURL"];
        string token = System.Web.Configuration.WebConfigurationManager.AppSettings["TMSToken"];
        HomeController h = new HomeController();
        var c = h.ScanServer(.....); // how to call it !!!!!!
        ScheduleTaskTrigger();
    }
}

Now, inside my action method I am extracting the Authorization token from the Request.Header, but when I want to call the action method from the global.asax file there is not any Request involved, so I will always get an error when I am trying to call the action method from the global.asax. So I am not sure how I need to modify my above code to have my action method invoked securely from external systems and at the same time from the global.asax. For example, if I bypass the token checking in case the request is null, is that considered secure?

Thanks
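
One way to serve both callers, as an added example that is not part of the original post: move the scan work into a plain class that the scheduled callback calls in-process, and keep the token check only on the HTTP action. ScanService and TokenCheck are hypothetical names, and the body of ScanAsync is a placeholder for the scan logic, which the post does not show.

```csharp
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using System.Web.Caching;
using System.Web.Configuration;
using System.Web.Mvc;

public static class ScanService
{
    // Hypothetical service: the scan logic from the body of ScanServer() moves here (placeholder).
    public static Task<string> ScanAsync(string fqdn) =>
        Task.FromResult("scan completed for " + fqdn);
}

public static class TokenCheck
{
    // Compares SHA-256 digests byte by byte without an early exit, so timing does
    // not reveal how much of the token matched. A missing header never matches.
    public static bool IsValid(string presented, string expected)
    {
        if (string.IsNullOrEmpty(presented) || string.IsNullOrEmpty(expected)) return false;
        using (var sha = SHA256.Create())
        {
            byte[] a = sha.ComputeHash(Encoding.UTF8.GetBytes(presented));
            byte[] b = sha.ComputeHash(Encoding.UTF8.GetBytes(expected));
            int diff = 0;
            for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
            return diff == 0;
        }
    }
}

public class HomeController : Controller
{
    [HttpPost]
    public async Task<ActionResult> ScanServer(string FQDN)
    {
        // The HTTP entry point always demands the token: no "Request is null" bypass.
        string validToken = WebConfigurationManager.AppSettings["Token"];
        if (!TokenCheck.IsValid(Request.Headers.Get("Authorization"), validToken))
            return new HttpStatusCodeResult(403, "request failed");
        return Content(await ScanService.ScanAsync(FQDN));
    }
}

public class MvcApplication : System.Web.HttpApplication
{
    // Scheduled callback: in-process call, no HTTP request and no token involved.
    static void PerformScheduledTasks(string key, object value, CacheItemRemovedReason reason)
        => ScanService.ScanAsync("allscan").GetAwaiter().GetResult();
}
```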

