KEMBAR78
Building Beautiful REST APIs with ASP.NET Core | PDF
Stormpath, profile picture
Uploaded byStormpath
PDF, PPTX2,215 views

Building Beautiful REST APIs with ASP.NET Core

The document is a presentation by Nate Barbettini on creating REST APIs in ASP.NET Core, covering topics like the importance of API design, HATEOAS principles, best practices for API development, and a step-by-step guide to setting up a project. Key best practices include planning API design from the start, following a specification, using asynchronous database access, and writing integration tests. The presentation also provides links to resources and examples for further learning.

Technology
Related topics:
ASP.NET Core
Download as PDF, PPTX
BEAUTIFUL REST APIs in ASP.NET Core Nate Barbettini @nbarbettini recaffeinate.co .ws
Welcome! ● Agenda ● Stormpath 101 (5 mins) ● REST APIs in ASP.NET Core (60 mins) ● Q&A (15 mins) ● Nate Barbettini ● Developer Evangelist @ Stormpath
Speed to Market & Cost Reduction ● Complete Identity solution out-of-the-box ● Security best practices and updates by default ● Clean & elegant API/SDKs ● Little to code, no maintenance
Stormpath User Management User Data User Workflows Google ID Your ApplicationsApplication SDK Application SDK Application SDK ID Integrations Facebook Active Directory SAML
Overview ● What is REST? ● Why is API design important? ● HATEOAS (Hypertext As The Engine Of Application State) ● REST APIs in ASP.NET Core
REST vs. RPC ● REST: resources and collections of resources ● RPC: remote function calls
/getAccount?id=17 Bad REST API design /getAllAccounts /updateAccount?id=17 /createAccount /findPostsByAccountId?account=17 /accountSearch?lname=Skywalker /getAccount?id=17&includePosts=1 /getAccount?id=17&format=json /countAccounts /partialUpdateAccount?id=17 /getPostCount?id=17 /deleteUser
HATEOAS, yo! "A REST API should be entered with no prior knowledge beyond the initial URI (bookmark) and set of standardized media types that are appropriate for the intended audience (i.e., expected to be understood by any client that might use the API). From that point on, all application state transitions must be driven by client selection of server-provided choices that are present in the received representations or implied by the user’s manipulation of those representations." ~ Dr. Fielding Tl;dr The API responses themselves should document what you are allowed to do and where you can go. If you can get to the root (/), you should be able to “travel” anywhere else in the API.
Good REST design should... ● Be discoverable and self-documenting ● Represent resources and collections ● Represent actions using HTTP verbs ● KISS!
BEST PRACTICE #0 Plan API design from the beginning
Revisiting the API example /users GET: List all users POST: Create a user /users/17 GET: Retrieve a single user POST or PUT: Update user details DELETE: Delete this user /users/17/posts GET: Get the user’s posts POST: Create a post /users?lname=Skywalker Search /users/17?include=posts Include linked data
BEST PRACTICE #1 Follow a design spec
A specification for REST+JSON APIs The ION spec: https://github.com/ionwg/ion-doc
Getting a single user GET /users/17 { "meta": { "href": "https://example.io/users/17" }, "firstName": "Luke", "lastName": "Skywalker" }
Getting a list of users GET /users { "meta": { "href": "https://example.io/users", "rel": ["collection"] }, "items": [{ "meta": { "href": "https://example.io/users/17" }, "firstName": "Luke", "lastName": "Skywalker" }, { "meta": { "href": "https://example.io/users/18" }, "firstName": "Han", "lastName": "Solo" }] }
The starting point (API root) GET / { "meta": { "href": "https://example.io/" }, "users": { "meta": { "href": "https://example.io/users", "rel": ["collection"], } } }
● Install the .NET Core SDK - http://dot.net/core ● If you’re using Visual Studio: ○ Install the latest updates (Update 3) ○ Install the .NET Core tooling - https://go.microsoft.com/fwlink/?LinkID=827546 ○ Create a new project from the ASP.NET Core (.NET Core) template ○ Pick the API subtemplate ● Or, with Visual Studio Code: ○ Use dotnet new -t web to create a new web project ○ Run dotnet restore to restore NuGet packages ● Ready to run! Getting started with ASP.NET Core
LIVE CODING
Best practices recap 0. Plan API design from the beginning 1. Follow a design spec 2. Use async for database access 3. Write integration tests
Next steps ● Full example https://github.com/nbarbettini/beautiful-rest-api-aspnetcore ● ION draft spec https://github.com/ionwg/ion-doc
Thank you! Nate Barbettini @nbarbettini recaffeinate.co .ws

More Related Content

PPTX
RESTful API Design Best Practices Using ASP.NET Web API
by💻 Spencer Schneidenbach
 
PDF
The never-ending REST API design debate
byRestlet
 
PPTX
Building Beautiful REST APIs in ASP.NET Core
byNate Barbettini
 
PPTX
Secure RESTful API Automation With JavaScript
byJonathan LeBlanc
 
PDF
Building Beautiful REST APIs in ASP.NET Core
byStormpath
 
PPTX
RESTful API Automation with JavaScript
byJonathan LeBlanc
 
PPTX
Best Practices for Architecting a Pragmatic Web API.
byMario Cardinal
 
PDF
REST full API Design
byChristian Guenther
 
RESTful API Design Best Practices Using ASP.NET Web API
by💻 Spencer Schneidenbach
 
The never-ending REST API design debate
byRestlet
 
Building Beautiful REST APIs in ASP.NET Core
byNate Barbettini
 
Secure RESTful API Automation With JavaScript
byJonathan LeBlanc
 
Building Beautiful REST APIs in ASP.NET Core
byStormpath
 
RESTful API Automation with JavaScript
byJonathan LeBlanc
 
Best Practices for Architecting a Pragmatic Web API.
byMario Cardinal
 
REST full API Design
byChristian Guenther
 

What's hot

PPSX
Rest api standards and best practices
byAnkita Mahajan
 
ODP
Attacking REST API
bySiddharth Bezalwar
 
PPTX
RESTful modules in zf2
byCorley S.r.l.
 
PDF
Understanding and testing restful web services
bymwinteringham
 
PPTX
An Introduction To REST API
byAniruddh Bhilvare
 
PDF
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)
byNordic APIs
 
PPTX
RESTful API - Best Practices
byTricode (part of Dept)
 
PPTX
40+ tips to use Postman more efficiently
bypostmanclient
 
PDF
Rapid API Development with LoopBack/StrongLoop
byRaymond Camden
 
PPTX
RESTful API Design Fundamentals
byHüseyin BABAL
 
PPTX
Introduction to REST and Hypermedia
byNordic APIs
 
PPTX
Understanding REST APIs in 5 Simple Steps
byTessa Mero
 
PDF
Building an API Security Ecosystem
byPrabath Siriwardena
 
PDF
API for Beginners
byGustavo De Vita
 
PPTX
Working with LoopBack Models
byRaymond Feng
 
PDF
How to Contribute to Apache Usergrid
byDavid M. Johnson
 
PPTX
Getting Started with API Security Testing
bySmartBear
 
PPTX
Test in Rest. API testing with the help of Rest Assured.
byArtem Korchevyi
 
PDF
What is REST API? REST API Concepts and Examples | Edureka
byEdureka!
 
PDF
Coding 100-session-slides
byCisco DevNet
 
Rest api standards and best practices
byAnkita Mahajan
 
Attacking REST API
bySiddharth Bezalwar
 
RESTful modules in zf2
byCorley S.r.l.
 
Understanding and testing restful web services
bymwinteringham
 
An Introduction To REST API
byAniruddh Bhilvare
 
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)
byNordic APIs
 
RESTful API - Best Practices
byTricode (part of Dept)
 
40+ tips to use Postman more efficiently
bypostmanclient
 
Rapid API Development with LoopBack/StrongLoop
byRaymond Camden
 
RESTful API Design Fundamentals
byHüseyin BABAL
 
Introduction to REST and Hypermedia
byNordic APIs
 
Understanding REST APIs in 5 Simple Steps
byTessa Mero
 
Building an API Security Ecosystem
byPrabath Siriwardena
 
API for Beginners
byGustavo De Vita
 
Working with LoopBack Models
byRaymond Feng
 
How to Contribute to Apache Usergrid
byDavid M. Johnson
 
Getting Started with API Security Testing
bySmartBear
 
Test in Rest. API testing with the help of Rest Assured.
byArtem Korchevyi
 
What is REST API? REST API Concepts and Examples | Edureka
byEdureka!
 
Coding 100-session-slides
byCisco DevNet
 

Viewers also liked

PPTX
Beautiful REST+JSON APIs with Ion
byStormpath
 
PDF
Build a REST API for your Mobile Apps using Node.js
byStormpath
 
PPTX
Design Beautiful REST + JSON APIs
byStormpath
 
PPTX
Build A Killer Client For Your REST+JSON API
byStormpath
 
PPTX
Stormpath 101: Spring Boot + Spring Security
byStormpath
 
PDF
The Ultimate Guide to Mobile API Security
byStormpath
 
PPTX
JWTs for CSRF and Microservices
byStormpath
 
PPTX
Storing User Files with Express, Stormpath, and Amazon S3
byStormpath
 
PDF
Mobile Authentication for iOS Applications - Stormpath 101
byStormpath
 
PPTX
Token Authentication in ASP.NET Core
byStormpath
 
PPTX
Custom Data Search with Stormpath
byStormpath
 
PDF
JWTs in Java for CSRF and Microservices
byStormpath
 
PPTX
Spring Boot Authentication...and More!
byStormpath
 
PDF
Getting Started With Angular
byStormpath
 
PPTX
Instant Security & Scalable User Management with Spring Boot
byStormpath
 
PDF
Securing Web Applications with Token Authentication
byStormpath
 
PPTX
Multi-Tenancy with Spring Boot
byStormpath
 
PPTX
Token Authentication for Java Applications
byStormpath
 
PPTX
Browser Security 101
byStormpath
 
PPTX
REST API Security: OAuth 2.0, JWTs, and More!
byStormpath
 
Beautiful REST+JSON APIs with Ion
byStormpath
 
Build a REST API for your Mobile Apps using Node.js
byStormpath
 
Design Beautiful REST + JSON APIs
byStormpath
 
Build A Killer Client For Your REST+JSON API
byStormpath
 
Stormpath 101: Spring Boot + Spring Security
byStormpath
 
The Ultimate Guide to Mobile API Security
byStormpath
 
JWTs for CSRF and Microservices
byStormpath
 
Storing User Files with Express, Stormpath, and Amazon S3
byStormpath
 
Mobile Authentication for iOS Applications - Stormpath 101
byStormpath
 
Token Authentication in ASP.NET Core
byStormpath
 
Custom Data Search with Stormpath
byStormpath
 
JWTs in Java for CSRF and Microservices
byStormpath
 
Spring Boot Authentication...and More!
byStormpath
 
Getting Started With Angular
byStormpath
 
Instant Security & Scalable User Management with Spring Boot
byStormpath
 
Securing Web Applications with Token Authentication
byStormpath
 
Multi-Tenancy with Spring Boot
byStormpath
 
Token Authentication for Java Applications
byStormpath
 
Browser Security 101
byStormpath
 
REST API Security: OAuth 2.0, JWTs, and More!
byStormpath
 

Similar to Building Beautiful REST APIs with ASP.NET Core

PPTX
RESTful APIs in .NET
byGreg Sohl
 
PPTX
Building Software Backend (Web API)
byAlexander Goida
 
PPTX
Chapter 01-Introduction to ASP.NET Core and RESTful Service.pptx
bynhanltse183977
 
PDF
Rest web services
byPaulo Gandra de Sousa
 
PDF
Rest api best practices – comprehensive handbook
byKaty Slemon
 
PDF
Crafting APIs
byTatiana Al-Chueyr
 
PPTX
Mastering-ASPNET-Web-API-and-RESTful-Patterns.pptx
bykeshabregmi1
 
PPTX
Rest api design
byRudra Tripathy
 
PPTX
API Design- Best Practices
byPrakash Bhandari
 
PPTX
Mendix rest services
byG Acellam
 
PDF
Zyncro rest api feb 2013
byZyncro
 
PPTX
Building-Robust-APIs-ASPNET-Web-API-and-RESTful-Patterns.pptx
bykeshabregmi1
 
PPTX
Http and REST APIs.
byRahul Tanwani
 
PPT
RESTful SOA - 中科院暑期讲座
byLi Yi
 
PPTX
Building rest services using aspnetwebapi
byBrij Mishra
 
PDF
usable rest apis, by Javier Ramirez from teowaki (Apidays Mediterranea)
byjavier ramirez
 
PDF
Writing RESTful Web Services
byPaul Boocock
 
PPTX
07 restful webservices design
byAhmed Elbassel
 
PDF
Restful design principles
byGeison Goes
 
PDF
What is REST?
bySaeid Zebardast
 
RESTful APIs in .NET
byGreg Sohl
 
Building Software Backend (Web API)
byAlexander Goida
 
Chapter 01-Introduction to ASP.NET Core and RESTful Service.pptx
bynhanltse183977
 
Rest web services
byPaulo Gandra de Sousa
 
Rest api best practices – comprehensive handbook
byKaty Slemon
 
Crafting APIs
byTatiana Al-Chueyr
 
Mastering-ASPNET-Web-API-and-RESTful-Patterns.pptx
bykeshabregmi1
 
Rest api design
byRudra Tripathy
 
API Design- Best Practices
byPrakash Bhandari
 
Mendix rest services
byG Acellam
 
Zyncro rest api feb 2013
byZyncro
 
Building-Robust-APIs-ASPNET-Web-API-and-RESTful-Patterns.pptx
bykeshabregmi1
 
Http and REST APIs.
byRahul Tanwani
 
RESTful SOA - 中科院暑期讲座
byLi Yi
 
Building rest services using aspnetwebapi
byBrij Mishra
 
usable rest apis, by Javier Ramirez from teowaki (Apidays Mediterranea)
byjavier ramirez
 
Writing RESTful Web Services
byPaul Boocock
 
07 restful webservices design
byAhmed Elbassel
 
Restful design principles
byGeison Goes
 
What is REST?
bySaeid Zebardast
 

More from Stormpath

PPTX
Secure API Services in Node with Basic Auth and OAuth2
byStormpath
 
PPTX
How to Use Stormpath in angular js
byStormpath
 
PPTX
Building Secure User Interfaces With JWTs (JSON Web Tokens)
byStormpath
 
PPTX
Rest API Security
byStormpath
 
PPTX
Elegant Rest Design Webinar
byStormpath
 
PPTX
Secure Your REST API (The Right Way)
byStormpath
 
PPTX
Build a Node.js Client for Your REST+JSON API
byStormpath
 
PPTX
So long scrum, hello kanban
byStormpath
 
PPTX
REST API Design for JAX-RS And Jersey
byStormpath
 
Secure API Services in Node with Basic Auth and OAuth2
byStormpath
 
How to Use Stormpath in angular js
byStormpath
 
Building Secure User Interfaces With JWTs (JSON Web Tokens)
byStormpath
 
Rest API Security
byStormpath
 
Elegant Rest Design Webinar
byStormpath
 
Secure Your REST API (The Right Way)
byStormpath
 
Build a Node.js Client for Your REST+JSON API
byStormpath
 
So long scrum, hello kanban
byStormpath
 
REST API Design for JAX-RS And Jersey
byStormpath
 

Recently uploaded

PDF
NSSHOEU-J 4x35mm² Cable Specification.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PDF
2025 October Patch Tuesday
byIvanti
 
PPTX
UiPath Automation Suite Installation (Hands-On) [2/3]
bysuhanisingh58689
 
PPTX
"Towards React Server Components in Clojure", Roman Liutikov
byFwdays
 
PDF
Rivian's Push Notification Sub Stream with Mega Filter by Marcus Kim & Saahil...
byScyllaDB
 
PDF
UnityNet Digital Sovereignty Checklist 2025-10-13
byLHelferty
 
PDF
Session 2 - Agentic Orchestration with UiPath Maestro
byDianaGray10
 
PDF
Meta and Apple close to settling EU cases.pdf
byLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
PPTX
"Daily workflows with Cursor IDE", Maksym Anisimov
byFwdays
 
PDF
Fairness and Bias in AI Ethics and Explainability
byShiwani Gupta
 
PPTX
CBD Belgium 2025 - The adventures of a Microsoft 365 Platform Owner.pptx
byJasper Oosterveld
 
PPTX
Session 5 - Specialized AI Associate Series: Build a Document Understanding ...
byDianaGray10
 
PDF
A 4-Terminal Approach to Validating Charge Conservation in MOSFET Compact Models
byEalwan Lee
 
PPTX
Top Trends in Kubernetes Security: TalosCon 2025
byCheryl Hung
 
PDF
What is Google Cloud Platform (GCP)? A 5-Minute Guide for Beginners (2025)
byTeleglobal International
 
PPTX
"The Art of Web Scraping: Tree Algorithms and JS Magic", Dmytro Tarasenko
byFwdays
 
PDF
AGV PROTOCOL BRAND KIT COMPLETE VIEW.pdf
byfagbolade
 
PPTX
Hybrid Active Directory Cyber Resiliency
byFrancesco Faenzi
 
PDF
KV Caching Strategies for Latency-Critical LLM Applications by John Thomson
byScyllaDB
 
PDF
Combining AI with Red Teaming and Bug Bounty
byRamin Farajpour Cami
 
NSSHOEU-J 4x35mm² Cable Specification.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
2025 October Patch Tuesday
byIvanti
 
UiPath Automation Suite Installation (Hands-On) [2/3]
bysuhanisingh58689
 
"Towards React Server Components in Clojure", Roman Liutikov
byFwdays
 
Rivian's Push Notification Sub Stream with Mega Filter by Marcus Kim & Saahil...
byScyllaDB
 
UnityNet Digital Sovereignty Checklist 2025-10-13
byLHelferty
 
Session 2 - Agentic Orchestration with UiPath Maestro
byDianaGray10
 
Meta and Apple close to settling EU cases.pdf
byLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
"Daily workflows with Cursor IDE", Maksym Anisimov
byFwdays
 
Fairness and Bias in AI Ethics and Explainability
byShiwani Gupta
 
CBD Belgium 2025 - The adventures of a Microsoft 365 Platform Owner.pptx
byJasper Oosterveld
 
Session 5 - Specialized AI Associate Series: Build a Document Understanding ...
byDianaGray10
 
A 4-Terminal Approach to Validating Charge Conservation in MOSFET Compact Models
byEalwan Lee
 
Top Trends in Kubernetes Security: TalosCon 2025
byCheryl Hung
 
What is Google Cloud Platform (GCP)? A 5-Minute Guide for Beginners (2025)
byTeleglobal International
 
"The Art of Web Scraping: Tree Algorithms and JS Magic", Dmytro Tarasenko
byFwdays
 
AGV PROTOCOL BRAND KIT COMPLETE VIEW.pdf
byfagbolade
 
Hybrid Active Directory Cyber Resiliency
byFrancesco Faenzi
 
KV Caching Strategies for Latency-Critical LLM Applications by John Thomson
byScyllaDB
 
Combining AI with Red Teaming and Bug Bounty
byRamin Farajpour Cami
 

Building Beautiful REST APIs with ASP.NET Core

  • 1.
    BEAUTIFUL REST APIs inASP.NET Core Nate Barbettini @nbarbettini recaffeinate.co .ws
  • 2.
    Welcome! ● Agenda ● Stormpath101 (5 mins) ● REST APIs in ASP.NET Core (60 mins) ● Q&A (15 mins) ● Nate Barbettini ● Developer Evangelist @ Stormpath
  • 3.
    Speed to Market& Cost Reduction ● Complete Identity solution out-of-the-box ● Security best practices and updates by default ● Clean & elegant API/SDKs ● Little to code, no maintenance
  • 4.
    Stormpath User Management UserData User Workflows Google ID Your ApplicationsApplication SDK Application SDK Application SDK ID Integrations Facebook Active Directory SAML
  • 5.
    Overview ● What isREST? ● Why is API design important? ● HATEOAS (Hypertext As The Engine Of Application State) ● REST APIs in ASP.NET Core
  • 6.
    REST vs. RPC ●REST: resources and collections of resources ● RPC: remote function calls
  • 7.
    /getAccount?id=17 Bad REST APIdesign /getAllAccounts /updateAccount?id=17 /createAccount /findPostsByAccountId?account=17 /accountSearch?lname=Skywalker /getAccount?id=17&includePosts=1 /getAccount?id=17&format=json /countAccounts /partialUpdateAccount?id=17 /getPostCount?id=17 /deleteUser
  • 8.
    HATEOAS, yo! "A RESTAPI should be entered with no prior knowledge beyond the initial URI (bookmark) and set of standardized media types that are appropriate for the intended audience (i.e., expected to be understood by any client that might use the API). From that point on, all application state transitions must be driven by client selection of server-provided choices that are present in the received representations or implied by the user’s manipulation of those representations." ~ Dr. Fielding Tl;dr The API responses themselves should document what you are allowed to do and where you can go. If you can get to the root (/), you should be able to “travel” anywhere else in the API.
  • 9.
    Good REST designshould... ● Be discoverable and self-documenting ● Represent resources and collections ● Represent actions using HTTP verbs ● KISS!
  • 10.
    BEST PRACTICE #0 PlanAPI design from the beginning
  • 11.
    Revisiting the APIexample /users GET: List all users POST: Create a user /users/17 GET: Retrieve a single user POST or PUT: Update user details DELETE: Delete this user /users/17/posts GET: Get the user’s posts POST: Create a post /users?lname=Skywalker Search /users/17?include=posts Include linked data
  • 12.
  • 13.
    A specification forREST+JSON APIs The ION spec: https://github.com/ionwg/ion-doc
  • 14.
    Getting a singleuser GET /users/17 { "meta": { "href": "https://example.io/users/17" }, "firstName": "Luke", "lastName": "Skywalker" }
  • 15.
    Getting a listof users GET /users { "meta": { "href": "https://example.io/users", "rel": ["collection"] }, "items": [{ "meta": { "href": "https://example.io/users/17" }, "firstName": "Luke", "lastName": "Skywalker" }, { "meta": { "href": "https://example.io/users/18" }, "firstName": "Han", "lastName": "Solo" }] }
  • 16.
    The starting point(API root) GET / { "meta": { "href": "https://example.io/" }, "users": { "meta": { "href": "https://example.io/users", "rel": ["collection"], } } }
  • 17.
    ● Install the.NET Core SDK - http://dot.net/core ● If you’re using Visual Studio: ○ Install the latest updates (Update 3) ○ Install the .NET Core tooling - https://go.microsoft.com/fwlink/?LinkID=827546 ○ Create a new project from the ASP.NET Core (.NET Core) template ○ Pick the API subtemplate ● Or, with Visual Studio Code: ○ Use dotnet new -t web to create a new web project ○ Run dotnet restore to restore NuGet packages ● Ready to run! Getting started with ASP.NET Core
  • 18.
  • 19.
    Best practices recap 0.Plan API design from the beginning 1. Follow a design spec 2. Use async for database access 3. Write integration tests
  • 20.
    Next steps ● Fullexample https://github.com/nbarbettini/beautiful-rest-api-aspnetcore ● ION draft spec https://github.com/ionwg/ion-doc
  • 21.