ASP.NET Core 6 Web Api Best Practices
Resources related to my Pluralsight course.
Watch the course: ASP.NET Core 6 Web API: Best Practices
References
Below are a selection of links I referenced when building this course.
RFCs
- RFC2616 - HTTP 1.1
- RFC6454 - The Web Origin Concept
- RFC6585 - Additional HTTP Status Codes
- RFC6648 - Deprecating 'X-' Prefix
- RFC6797 - HTTP Strict Transport Security
- RFC6819 - Authorization Headers
- RFC7231 - HTTP 1.1 - Semantics and Content
- RFC7234 - HTTP 1.1 - Caching
- RFC7396 - JSON Merge Patch
- RFC7807 - Problem Details for HTTP APIs
ASP.NET Core Docs
- Create Web APIs with ASP.NET Core
- JsonPatch in ASP.NET Core Web API
- Minimal APIs Overview
- Response Caching Middleware in ASP.NET Core
- Response Compression in ASP.NET Core
- Web APIs - Handle Errors
- Enable CORS in ASP.NET Core
- Enforce HTTPS in ASP.NET Core
- Overview of ASP.NET Core Authentication
- Resource-based authorization in ASP.NET Core
- Globalization and localization in ASP.NET Core
- Use scoped services within a BackgroundService
- Response Caching Middleware in ASP.NET Core
Stack Overflow Discussions
- Create request with POST, which response codes 200 or 201 and content
- Should a RESTful PUT Operation Return Something
- 403 Forbidden vs 401 Unauthorized Http Responses
- How to use Created or CreatedAtAction or CreatedAtRoute in ASP.NET Core API
- What are the main differences between JWT and OAuth Authentication
- Pagination Response Payload from a RESTful API
- Swagger unexpected API PATCH action documentation of JsonPatchDocument in example request body
- What should response of RESTful API for Patch HTTP Method?
- Verifying JWT Signed with the RS 256 Algorithm using public key in C#
- What is the meaning of ValidateIssuer and ValidateAudience in JWT?
- Autofac Propert Injection in Base Class
Software Engineering StackExchange Discussions
- Should I return an HTTP 400 Bad Request Status if a parameter is syntactically correct
- To Include a Resource ID in the payload or to derive from URI
- Which HTTP Verb Should I Use to Trigger an Action in a REST Web Service
Various Other Resources
- Meet Hyrum and Postel
- Hyrum's Law
- Robustness Principle
- REST API Design Tutorial with Example
- 3 Ways to Return Data from the Controllers Action Method in ASP.NET Core
- ASP.NET Core Web API Creating and Validating JWT Json Web Token
- Using ProducesResponseType to Write a Better Web API Action in .NET Core
- Response Compression Middleware in ASP.NET Core
- PUT vs POST
- GitHub API: Pages
- GitHub API: Traversing with Pagination
- JWT Debugger
- Anatomy of a JWT
- JWT Security
- Getting API Security Right
- JSON Web Tokens Security Cheat Sheet
- Secure .NET Microservices
- Implementing JWT Authentication in ASP.NET Core 5
- IANA Link Relations
- Content Negotiation in Web API
- 5 Ways to Set the URLs for an ASP.NET Core App
- Enforce HTTPS Correctly in ASP.NET Core APIs
- Simplify your ASP.NET Core API models with C# Records
- JSON Patch
- How to use JSON Patch in .NET Core
- JSON Patch Support with Swagger and ASP.NET Core 3.1
- ASP.NET Core Web API - Post, Put, Delete
- OWASP JSON Web Token Cheat Sheet for Java
- Hacking JWT Tokens: Brute Forcing Weak Signing Key JWT Cracker
- JWT Authentication with Asymmetric Encryption using certificates in ASP.NET Core
- The Hard Parts of JWT Security Nobody Talks About
- Six Ways to Organize Minimal APIs in ASP.NET Core Applications
- From MVC to Minimal APIs with ASP.NET Core 6.0
- Writing decoupled code with MediatR: The Mediator Pattern
- Middleware for Response Caching in .NET Core Web APIs
- Response Caching in ASP.NET Core
- xunit Configuration Files
- Testing authorization scenarios in ASP.NET Core Web APIs
- Implement authorization for Swagger in ASP.NET Core 6