#web-api

Articles tagged with #web-api

Cookie Authentication vs JWT in ASP.NET Core: Which Should Your API Use?
Cookie authentication and JWT bearer tokens are both first-class citizens in ASP.NET Core's authentication middleware, and both can secure an API. The problem is that teams regularly pick one without
May 21, 202612 min read
7 Common ASP.NET Core Caching Mistakes (And How to Fix Them)
Caching is one of the highest-leverage tools in an ASP.NET Core developer's toolkit — but it is also one of the most misused. The gap between "we added caching" and "our caching actually helps" is wid
May 21, 202611 min read
Long-Running Operations in ASP.NET Core APIs: Enterprise Decision Guide
Every enterprise API team eventually builds an endpoint that does too much — a report that takes 30 seconds, an image processing pipeline, a batch job triggered by an external system. Synchronous HTTP
May 20, 202612 min read
How to Protect ASP.NET Core APIs Against Sensitive Data Exposure
Sensitive data exposure in ASP.NET Core APIs is one of the most frequently overlooked security risks in production systems — not because developers are unaware of it, but because the leak is almost al
May 18, 202614 min read2
ASP.NET Core JWT Bearer Authentication Returns 401 Unauthorized: Causes and Fixes
JWT bearer authentication is one of the most widely used security patterns in ASP.NET Core APIs — and "JWT bearer token returns 401 Unauthorized" is one of the most Googled errors in the .NET ecosyste
May 15, 202611 min read1
ASP.NET Core Request Timeout Strategy in Enterprise APIs: RequestTimeouts Middleware vs CancellationToken vs Polly — Enterprise Decision Guide
Every production API eventually encounters an endpoint that takes too long. A downstream service hangs, a database query blocks, or a third-party call stalls — and suddenly your thread pool is exhaust
May 13, 202613 min read2