
Explore how real-world Web API services map HTTP verbs and URLs to controller actions within a lightweight, extensible pipeline on the .NET framework.
Explore the Azure API app template for Web API projects, review Swagger and Application Insights integration, and note it can run on-premise while remaining similar to a blank template.
Explore the strengths and weaknesses of template style routing, test with Swagger across multiple controllers, and learn how attributes and legacy routes improve control over http verbs and method naming.
Bind remaining URL segments with wildcard parameters in Web API routing using a custom binder for string arrays; useful for date-like paths or IoT data, though body data is preferred.
Create and test a delegating handler that times the request pipeline, logs the elapsed time, and adds a custom response header, then register it in WebApiConfig.
Action filters are attributes attached to routes that run code before and after an action method, and can be registered globally or per route or per controller, with per-route overrides.
Explore a practical client side caching action filter that uses http headers to balance performance and freshness, supporting public, private, or no cache and configurable seconds.
demonstrates a validate model state action filter with an optional body required flag. aborts the pipeline when the FromBody parameter is missing or null.
Learn to implement authentication filters with a boilerplate template, convert tokens into an IPrincipal, suppress the host principal, and validate credentials via AuthenticateAsync.
Override the authentication filter list to allow only a chosen token type for a method, such as JWT, while global filters include Basic and JWT.
Learn how authorization secures ASP.NET Web API by validating request contents and identity, using authorization filters at global or action level to enforce https, tokens, or api keys.
Enforce a require https authorization filter by inspecting the client's perspective url via GetSelfReferenceBaseUrl and load balancer headers; abort with 403 'https required' if not https, otherwise pass through.
Understand how Web API handles errors via analyzers, converters, and exception filters. Learn to implement a global exception handler and a last-resort ASP.NET path to craft safe HTTP error responses.
Explore how the global exception handler converts unhandled exceptions into concise responses, bypassing stack traces, using exception filters and optional inner handlers with content negotiation for responses.
Explore RFC 7807 problem responses and how they standardize error details beyond generic 500s, introducing a media type, json and xml, and five reserved fields: type, title, status, detail, instance.
Become the Expert!
Are you a C#.NET developer ready to take the plunge into microservices?
Microsoft's ASP.NET Web API 2.0 for .NET Framework is an outstanding, flexible platform for creating microservices. Unfortunately the official documentation is sparse, and you are left trying to piece together your understanding of this powerful platform by scouring the Internet for articles and examples that are often too academic, outdated, and not aligned with the practical needs of real-world services that must integrate with potentially many different kinds of clients and data center environments.
In this course, I will take you step by step through all of the layers of Web API to give you a full understanding of the platform components you will likely need to use in a modern, production-ready web service. Examples and exercises are drawn from practical, real-world scenarios of the sort I personally faced while creating commercial web services-- and chances are you will face them too!
We'll cover all of the core Web API features like
securing your API parameters,
extending the Web API to perform custom processing,
error handling,
authentication and authorization.
We'll look at ways to test and document your service. We'll dig into performance improvements using techniques like caching and asynchronous operations. You'll get a clear understanding of how to make your service work correctly behind application proxies such as load balancers that every commercial web service uses in the real world.
I've put together everything you need in one place to create professional, production-ready Web API services. This course will save you many hours of time and give you a much deeper understanding of everything Web API has to offer than trying to learn a piece at a time through Google-- so get a jump-start now and become the Web API expert on your team!
The Experience
The course experience is intended to feel like a more intimate, one-on-one setting. I want you to feel like you and I are both sitting down in front of your computer, reviewing some code in Visual Studio and having a friendly discussion about how things work, the pros and cons of a technique, and practical issues you might face when you start writing your own services using the framework.
The goal is not just to learn about the details of Web API. The examples and assignments are designed to create a web service mindset and give you of ways of thinking about the construction, performance and deployment of your web services, especially in scenarios that have unique cross-platform integration requirements.
The Tech Stack
This course specifically uses the standard .NET Framework version of Web API, which usually runs under IIS on Windows servers. If you are using .NET Core instead of .NET Framework, then while the concepts in this course are similar, the specific syntax for .NET Core Web API is very different. This probably isn't the course for you if you are specifically targeting .NET Core.
For testing, we'll be using Fiddler, PostMan and Swagger (via the Swashbuckle library).
Real World Focus
My "Real World" courses specifically target working developers solving actual problems in typical business programming scenarios. They are uniquely designed to cover areas you don't find in other courses on similar topics, from the specific viewpoint of developers who need to translate theory into practical application to solve the kinds of problems the "overview" courses don't help with. I assume you already know how to program and have built working commercial systems-- you won't find any "Hello, world" here!