Building ASP.NET Web APIs

REST

Roy Fielding, the inventor of REST, realized while using the HTTP protocol you can also use HTTP to work with data stored in a database. Here we will look at how REST uses HTTP to serve data instead of web pages.

• The HTTP Protocol in Depth
• How REST works

Introducing ASP.NET Web API

For .NET developers ASP.NET Web Api is the way to create REST services. Web API is an adapted version of ASP.NET MVC specifically designed for REST. This module serves as an overview of the framework.

• Architecture
• CRUD operations
• Content Negotiation
• Consuming with a .NET Client or fetch API
• LAB: Building a Web API

End-point Routing

On the web the URL decides what the server will do. In ASP.NET Core you will find the End-point Routing Middleware. A solid understanding of this middleware is required to build applications with ASP.NET Core.

• Getting Started with Routing Concepts
• Defining Routing Templates
• Route Parameter Contraints
• Route Parameter Transformers
• Understanding Route Matching
• Using Concentional vs. Attribute Routing
• Routing Attributes
• Handling Routing Errors
• LAB: Routing and Constraints

ASP.NET Core API Controllers

In this module we'll take a closer look at the C in MVC. The controller has a very important role to fulfill: It's the component that figures out what to do when receiving a request.

• The ApiController Attribute and ControllerBase Class
• Action Methods
• Understanding IActionResult and ActionResult<T>
• Using the ProblemDetails class for error reporting
• LAB: API Controllers

Content Negotiation

Generally, in WebAPI we will use JSON as the serialization format. But how can we efficiently convert an object into JSON, and back again? Here we will look at classes from System.Text.Json, the latest and fastest JSON serialization library.

• Media types
• Built-in Content Negotiation
• Media Formatters
• Custom Media Formatters
• LAB: Building a Custom Media Formatter

Model Validation

People could be sending any data to your API. So you should always validate your input. Here we will look at validation options, and how to send feedback in case of errors.

• Model Binding
• The Modelstate
• Validation Attributes
• Returning Validation Errors
• Avoiding Overposting with ViewModels
• LAB: Model Validation

Securing your Web API service

Security is a world on its own. In this module we'll explore the common techniques to secure your Web API.

• Authentication & Authorization in Web API
• Authorization Attributes and Policies
• Authentication with OAuth and OpenID Connect
• Working with Roles and Scopes
• LAB: Protecting a Web API with OAuth

Documenting your REST service with the OpenAPI Specification

When you want to consume a REST service you are dependent on the documentation of the service. And developers don't like to write documentation. No problem: using Swagger you can automatically generate the necessary metadata for describing your service functionalities.

• Swagger and Swashbuckle
• Enriching your metadata with attributes
• Enriching your metadata with comments
• Adding XML-comments
• Generating client-side code with Visual Studio and Swagger Codegen
• LAB: OpenAPI

Best Practices when Designing a Web API

Returning a 202 Accepted status code is easy. When to return it, that's another question. In this topic we'll dive into some best practices to create a properly designed API.

• How to Organize Resources
• Idempotency and Safeness
• Dealing with Batches
• Remote Procedure Calls
• Limiting Data
• Versioning
• Handling Exceptions
• Caching
• Handling Large Resources

Web API Patterns

This topic contains some frequently used patterns and techniques when creating more complex APIs.

• Asynchronous Request-Reply Pattern
• WebHooks
• HATEOAS