Protect your ASP.Net Web API from the Client

… and the Client from your ASP.Net Web API

Sami Islam

--

Photo by Clarisa Watson on Unsplash

A part of creating a production-level Web API is to ensure that no “garbage” comes in. But that is definitely not all. Ensuring that the API Client is aware of the correct way to use the API is also vital.

In this article, I am going to describe 3 ways the ASP.Net Request Model Validation helps us make our ASP.Net Web API safe and at the same time give helpful feedback to the user on how to use our API properly. Starting with a simple API I shall expand it step by step and show the code and the output of calling the API.

Simple API without any Validation

The ASP.Net Core Web API Controller starts with the m_1param GET request:

Method_1Param takes an id parameter from the query
Method_1Param takes an id parameter from the query

Instead of using the tool Postman, we are going to use a VSCode extension called Rest Client that allows us to send REST API queries directly from VSCode which is awesome! It is among the other useful extensions that can be found in the following article by Simon Holdorf:

--

--