Introducing REST and Web API
For .NET developers, ASP.NET Web API is the way to create REST services. This module introduces students to the
REST architecture, and the framework that brings it to ASP.NET Core. Throughout the training, students will learn
best practices for building internal APIs (first-party clients) and Public APIs (third-party clients).
- Introducing REST
- Building a simple Web API
- Consuming a Web API
- Documenting your API with Open API
- Internal vs. Public APIs
ASP.NET Web API Building Blocks
In this module you will get acquainted with the most important building blocks for any ASP.NET Web API
application. This is the foundation of all following chapters.
- Getting Up and Running with Minimal APIs
- Adding Structure to your Web API with Controllers
- Web API Routing
- Inspecting the Request Processing Pipeline
- LAB: Building your first Web API
On the web the URL decides what the server will do. In ASP.NET Core you will find the Endpoint Routing Middleware.
A solid understanding of this middleware is required to build applications with ASP.NET Core.
- Getting Started with Routing Concepts
- Defining Routing Templates
- Route Parameter Contraints
- Route Parameter Transformers
- Understanding Route Matching
- Using Attribute Routing
- Routing Attributes
- Understanding Routing Errors
- LAB: Routing and Constraints
Controllers are responsible for the flow control logic in your application. ASP.NET Core has some tricks up its
sleeve to optimize your controllers for Web APIs. In this module, we will explore them and apply them to our
- Action Methods and Action Results
- Hooking into the Request Processing Pipeline with Filters
- LAB: API Controllers
Dependency Injection & Testing
Dependency Injection is the art of decoupling an object from its dependencies. On top of improving maintainability
and separation of concerns, it also makes testing a lot easier. In this module you will use dependency injection
to create your first unit tests.
- Methods of Dependency Injection
- Dependency Inversion, Explicit Dependencies and Inversion of Control
- Unit Testing your Components
- Stubbing, Mocking & Faking
- LAB: Dependency Injection in Web API
Modeling the Data in Your Web API
Web APIs expose your data to external clients. In this module you will learn how to model the data you expose
correctly so that it becomes easy to maintain and easy to consume.
- Internal and External Models - How to organise resources
- Mapping to Your Data Store with Entity Framework Core
- Using Data Transfer Objects
- Error Handling
People could be sending any data to your API. So you should always validate your input. Here we will look at best
practices, validation options, and how to send feedback in case of errors.
- Model Binding
- Binding Source Attributes
- DTO Validation
- Idempotency and Safeness
- Potential Errors and How to Handle Them
- LAB: Model Validation
Best Practices when Designing a Web API
Returning a 202 Accepted status code is easy. When to return it, that's another question. In this topic we'll dive
into some best practices to create a properly designed API.
- Content Negotiation
- Dealing with Batches
- Cross Origin Resource Sharing (CORS)
- Limiting Data
- Service Oriented Architecture
- LAB: API Design and Best Practices
This module reveals some great ways to keep your API quick and responsive. Ranging from tweaks that decrease load
on the server, to dealing with large resources in an efficient way, and throttling requests to prevent abuse.
- Making your Backend Asynchronous
- Dealing with Cancellation
- Throttling requests
- Taking Advantage of Server-side and Client-side caching
- Dealing with Large Resources
- LAB: Improving the Performance of your API
Managing your Web API
Once you release your API, your work is done, right? Not exactly. How do you handle a changing domain model?
What's the best way to keep track of who's using your API? In this module, we take a look at how to manage an
- Versioning: How to Add New Features to your API Without Breaking Existing Clients
- Limiting Access to your API with API Keys
- Leveraging Azure API Management as a Platform to Oversee All of Your APIs
Documenting your REST service with the OpenAPI Specification
When you want to consume a REST service, you are dependent on the documentation of the service. And developers
don't like to write documentation. No problem: using Swagger you can automatically generate the necessary metadata
for describing your service functionalities.
- Swagger and Swashbuckle
- Enriching your Metadata with Attributes
- Enriching your Metadata with Comments
- Adding XML-Comments
- Generating Client-side Code with Visual Studio and Swagger Codegen
- LAB: OpenAPI
Securing your Web API
Security is a world on its own. In this module we'll explore the common techniques to secure your Web API.
- Authentication & Authorization in Web API
- Authorization Attributes and Policies
- Authentication with OAuth and OpenID Connect
- Working with Roles and Scopes
- LAB: Protecting a Web API with OAuth
Actions and Remote Procedure Calls
While REST is all about exposing resources in a uniform way, for first-party clients, it might be a better idea to
expose actions. The haydays of SOAP are far behind us, but newer and better technologies like gRPC have taken its
place. In this module you'll learn all about when and how to use Remote Procedure Calls.
- Actions VS Resources: A Practical Comparison
- Exposing Actions in Web API
- Introducing gRPC
- Creating and Consuming gRPC Services
- LAB: Creating and Consuming gRPC Services with Blazor
Async Patterns in Web API
When long-running operations get triggered, you don't want to make your clients wait for them to finish. In this
module we will introduce a couple of patterns that allow you to decouple requests from their responses, so your
clients don't get bogged down by your service.
- Async Request-Reply Pattern: decoupling Request and Response
- Webhooks: Events for the Web
Consuming Web APIs
After spending a lot of time building your shiny new Web API, it's time to jump over the fence and take a look at
applications can easily consume your Web API.
- Consuming a Web API from .NET
- Best Practices for the .NET HttpClient
- Using the Swagger CodeGen Client
- LAB: Building a Client for your Web API