Building and Securing RESTful APIs in ASP.NET Core
4h 27mAdvanced2018-09-21
Authors

Nate Barbettini
CTO and Lead Engineer at Cobbler
Course details
Most people have heard of RESTful APIs, but the underlying concept—representational state transfer (REST)—still causes confusion. REST is all about modeling resources that change. RESTful APIs use REST architecture along with HTTP requests to transfer data and changes in application state between clients and servers. This course breaks down the principles of RESTful design and show how to build secure RESTful APIs on top of ASP.NET Core. Nate Barbettini answers questions such as: What is RESTful design? How do you perform RESTful routing? How can you build reusable classes to represent resources? What role does caching play? And how do you secure RESTful APIs? He also covers topics such as data modeling, hypermedia relationships, and authentication and authorization. By the end of the course, you should know the basics—how to properly request and return data in ASP.NET Core—and the best practices for building secure and scalable APIs to serve web clients, mobile clients, and beyond.
Learning objectives
What is RESTful design?
Building a new API with ASP.NET Core
Using HTTP methods
Returning JSON
Creating RESTful routing with templates
Versioning
Securing RESTful APIs with HTTPS
Representing resources
Representing links
Representing collections
Sorting and searching collections
Building forms
Adding caching to an ASP.NET Core API
Configuring user authentication and authorization
Learning objectives
What is RESTful design?
Building a new API with ASP.NET Core
Using HTTP methods
Returning JSON
Creating RESTful routing with templates
Versioning
Securing RESTful APIs with HTTPS
Representing resources
Representing links
Representing collections
Sorting and searching collections
Building forms
Adding caching to an ASP.NET Core API
Configuring user authentication and authorization
Skills covered
ASP.NET CoreAPIsBack-End Web DevelopmentFull-Stack Web DevelopmentFront-End Web DevelopmentProjectWeb DevelopmentMicrosoftSoftware Development
Concepts
0. Introduction
- 01 - The power of RESTful APIs
- 02 - What you should know
- 03 - Example API introduction
1. REST API Concepts
- 04 - What is REST
- 05 - REST vs. RPC
- 06 - Self-documentation and HATEOAS
- 07 - HTTP methods
- 08 - Full and partial updates
- 09 - Returning JSON
- 10 - The Ion hypermedia type
2. Build a Basic API
- 11 - Create a new project
- 12 - Configure MVC
- 13 - Create a root controller
- 14 - Test with Postman
- 15 - Route to controllers with templates
- 16 - Introduction to OpenAPI
- 17 - Add NSwag to the project
3. Versioning and Errors
- 18 - Approaches to API versioning
- 19 - Add versioning support
- 20 - Serialize exceptions as JSON
4. Secure the API
- 21 - Transport security in ASP.NET Core
- 22 - Require HTTPS
- 23 - Test HTTPS locally
- 24 - How CORS works
- 25 - Add CORS middleware
5. Represent Resources
- 26 - Create a resource class
- 27 - Load data from configuration
- 28 - Return data from a controller
- 29 - Set up an in-memory database
- 30 - Create data model classes
- 31 - Seed the database with test data
- 32 - Return a resource from a controller
- 33 - Move data access to a service
- 34 - Map models automatically
6. Represent Links
- 35 - Create a Link class
- 36 - Rewrite Links with a filter
- 37 - Rewrite resource HREFs
7. Represent Collections
- 38 - Create a Collection class
- 39 - Return all resources in a collection
- 40 - Add pagination
- 41 - Paging defaults and validation
- 42 - Add navigation to paged collections
8. Sorting Collections
- 43 - Design collection sort
- 44 - Add sort attributes
- 45 - Validate sort parameters
- 46 - Build sort expressions dynamically
- 47 - Add a default sort term
9. Searching Collections
- 48 - Design collection search
- 49 - Add search attributes
- 50 - Validate search parameters
- 51 - Build search expressions dynamically
- 52 - Extend search to other types
- 53 - Add comparison operators
10. Forms and Modifying Data
- 54 - Forms in Ion
- 55 - Create a POST action
- 56 - Delete a resource
- 57 - Serialize the form metadata
- 58 - Discoverable queries using forms
11. Caching and Compression
- 59 - Compress responses
- 60 - How HTTP caching works
- 61 - Add the Cache-Control header
- 62 - Support the ETag header
- 63 - Add server-side caching
12. Authentication and Authorization
- 64 - How HTTP authentication works
- 65 - Authentication for REST APIs
- 66 - Add Identity
- 67 - Add a test user
- 68 - Create a users collection
- 69 - Create a registration route
- 70 - Add OpenIddict
- 71 - Add a token endpoint
- 72 - Create a UserInfo route
- 73 - More about OpenID Connect
- 74 - Authorization using policies
Conclusion
- 75 - Next steps
Related courses
- Building and Securing Restful APIs in .NET
- Building Web APIs with ASP.NET Web API 2.2
- Programming Foundations: APIs and Web Services
- Building RESTful APIs with Flask
- Creating and Securing Bluetooth Low Energy (BLE) Applications
- Building Your First DevSecOps Pipeline in AWS
- LPIC-2 Linux Engineer (202-450) Cert Prep
- Databricks Certified Data Analyst Associate Cert Prep
Related learn paths
- Explore Web Development with Node.js
- Become a MEAN Javascript Developer
- Explore App Development with the MERN Stack
- Become a Back-End Web Developer
- Getting Started as an ASP.NET Developer
- Prepare for the MTA: Software Development Fundamentals Exam (98-361)
- Advance Your Skills as a Django Developer
- Getting Started In Spring Development