How to declare a controller function that can only access by another controller function and prevent direct access (.net core)

Question

I have a controller function called Resend email. That function should only call by the payment function and should prevent direct access, but when a user in that view user