ASP.

NET Core Web API Intermediate Interview

Questions and Answers
Back to: ASP.NET Core Web API Tutorials

ASP.NET Core Web API Intermediate Interview

Questions and Answers
In this article, I will discuss the most frequently asked Top 50 ASP.NET Core Web API
Intermediate Interview Questions and Answers. Please read our previous article discussing Top
50 ASP.NET Core Web API Basic Interview Questions and Answers. Here’s a comprehensive
list of ASP.NET Core Web API Intermediate Interview Questions and Answers.

How does dependency injection work in ASP.NET Core Web API, and why is
it important?

Dependency Injection (DI) in ASP.NET Core is implemented via the built-in IoC (Inversion of
Control) container. This container manages the instantiation and lifetime of application components.
When a component requires a dependency, the container provides it. This promotes loose coupling
between components, making the codebase more maintainable, testable, and scalable. ASP.NET
Core primarily uses constructor injection, where dependencies are provided through a class’s
constructor. This approach makes dependencies explicit and facilitates easy unit testing by allowing
mock implementations to be injected.

Explain the differences between Singleton, Scoped, and Transient lifetimes in

ASP.NET Core Web API.

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 1 of 28
:
 Singleton: Objects registered as singletons are created once and shared throughout the
application’s lifetime. This is useful for stateless services or objects that are expensive to
create and can be reused across requests.
Scoped: Scoped objects are created once per client request within the scope of that
request. They are disposed of when the request ends. Scoped lifetime is beneficial for
objects that maintain state specific to a single request, such as database contexts or unit of
work instances.
Transient: Transient objects are created every time they are requested. They are not shared
between requests or other components. Transient lifetime is suitable for lightweight, stateless
services where a new instance is needed for each operation.

Describe the process of creating and consuming custom Middleware in

ASP.NET Core Web API.

Middleware in ASP.NET Core is software components that are assembled into the request pipeline
to handle requests and responses. Custom Middleware allows developers to inject custom logic into
the pipeline to perform tasks such as authentication, logging, or error handling. To create custom
Middleware, you typically implement the IMiddleware interface or create a function that accepts a
RequestDelegate. The Middleware’s Invoke method is where the logic is executed. To consume
custom Middleware, you add it to the request pipeline using the UseMiddleware<T>() extension
method within the Configure method of the Startup class.

What is Entity Framework Core, and what are its advantages over ADO.NET
Core?

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 2 of 28
:
 Entity Framework Core (EF Core): EF Core is an ORM framework provided by Microsoft for .NET
applications. It simplifies data access by allowing developers to work with database objects as .NET
objects. Advantages include increased productivity due to automatic code generation, LINQ support
for querying databases, and built-in support for change tracking and database migrations.

ADO.NET: ADO.NET is a set of .NET libraries for accessing data from various data sources,
including relational databases. While ADO.NET provides greater control over data access
operations, it requires writing more code for common tasks like mapping database results to objects
and managing connections, commands, and transactions manually.

How do you implement unit testing in ASP.NET Core Web API applications?

Unit testing in ASP.NET Core Web API involves testing individual units of code in isolation to ensure
they behave as expected. This typically includes testing controllers, services, repositories, and
other components. Frameworks like MSTest, NUnit, or xUnit can be used for writing unit tests.
Mocking frameworks such as Moq or NSubstitute are often employed to isolate dependencies and
simulate behavior. Tests should cover various scenarios, including input validation, business logic,
error handling, and integration with external dependencies.

What is the Repository Pattern, and how does it apply to ASP.NET Core Web
API?

The Repository pattern is a design pattern that abstracts the data access logic from the rest of the
application. In ASP.NET Core Web API, repositories encapsulate CRUD (Create, Read, Update,
Delete) operations for entities, providing a clean separation between the business logic and data
access code. Repositories typically expose methods for querying and manipulating data, allowing
the rest of the application to interact with the data store through a consistent interface. This
promotes code reusability, maintainability, and testability.

Explain the Unit of Work pattern and its benefits in ASP.NET Core Web API
applications.

The Unit of Work pattern is a design pattern used to manage transactions and ensure data

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 3 of 28
:
 consistency within an application. In ASP.NET Core Web API, the Unit of Work pattern coordinates
multiple repository operations within a single transaction. This ensures that either all operations are
successfully committed to the database or none of them are. By grouping related database
operations into a single unit of work, the pattern helps maintain data integrity and consistency, even
in complex scenarios involving multiple data manipulation operations.

Describe the Process and Benefits of API Versioning in ASP.NET Core Web
API.

API versioning is the practice of managing changes to a Web API’s interface over time while
ensuring backward compatibility with existing clients. In ASP.NET Core Web API, versioning can be
achieved through various mechanisms, including URL-based versioning, query string-based
versioning, header-based versioning, or media type-based versioning. Versioning allows API
developers to introduce breaking changes without disrupting existing clients, support multiple
versions of the API concurrently, and improve API discoverability by signaling the API version in
requests.

What are Data Transfer Objects (DTOs), and why are they used in ASP.NET
Core Web API?

Data Transfer Objects (DTOs) are objects used to transfer data between the client and server in a
Web API. DTOs typically represent a subset of data from one or more domain models and are
optimized for network transmission. In ASP.NET Core Web API, DTOs are used to decouple the
API from the underlying data model, providing flexibility in data representation and allowing the API
to evolve independently of the database schema. By reducing the amount of data transferred over
the network and simplifying the data structure, DTOs improve the performance and maintainability
of the API.

How do you secure an ASP.NET Core Web API using JWT Authentication?

JWT (JSON Web Tokens) authentication is a popular method for securing ASP.NET Core Web
APIs. Here’s how it’s typically implemented:

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 4 of 28
:
 Learn more

Install the Microsoft.AspNetCore.Authentication.JwtBearer NuGet package.

Configure JWT authentication using the ConfigureServices method of the Startup class using
AddAuthentication and AddJwtBearer methods.
Specify options such as the issuer, audience, and signing key for token validation.
Add the authentication middleware to the request pipeline using UseAuthentication in the
Configure method of the Startup class.
Use the [Authorize] attribute on controllers or actions that require authentication.
Generate JWT tokens during user authentication and include them in the Authorization
header of subsequent requests.

Explain the difference between Razor Pages and MVC and Web API in
ASP.NET Core.

Razor Pages: Introduced in ASP.NET Core, Razor Pages is a lightweight alternative to the
MVC pattern for building web applications. It emphasizes convention over configuration and
allows developers to build UI-focused applications with less ceremony compared to MVC.
MVC (Model-View-Controller): MVC is a design pattern for building web applications that
separates the application into three main components: Model (data), View (UI), and
Controller (logic). ASP.NET Core MVC provides robust support for building full-featured web
applications.
Web API: ASP.NET Core Web API is a framework for building HTTP services that can be
consumed by a variety of clients, including web applications, mobile apps, and IoT devices.
It’s optimized for RESTful communication and typically returns data in JSON or XML format.

What is CORS, and how is it configured in ASP.NET Core Web API?

CORS (Cross-Origin Resource Sharing) is a security feature implemented by web browsers to

restrict cross-origin HTTP requests initiated from scripts. In ASP.NET Core Web API, CORS policies
can be configured using Microsoft.AspNetCore.Cors package. Configuration involves adding CORS
services in the ConfigureServices method of the Startup class and specifying CORS policies using
the AddCors method. CORS policies can be applied globally to all controllers or selectively to

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 5 of 28
:
 specific controllers or actions using the [EnableCors] attribute.

How do you implement custom validation in ASP.NET Core Web API?

Custom validation in ASP.NET Core Web API can be achieved by implementing custom validation
attributes or by creating custom validation logic within action methods or service classes. To create
custom validation attributes, derive from the ValidationAttribute class and override the IsValid
method to perform validation logic. Custom validation logic can also be implemented by injecting
the ModelState object into action methods and manually adding validation errors using the
ModelState.AddModelError method.

What is SignalR, and how can it be used in ASP.NET Core Web API?

SignalR is a library in ASP.NET Core that adds real-time web functionality to applications. It enables
bi-directional communication between the server and client over a single, long-lived connection.
SignalR can be used in ASP.NET Core Web API to implement real-time features such as chat
applications, live updates, and notifications. To use SignalR, install the
Microsoft.AspNetCore.SignalR package, define Hub classes to handle client-server communication
and configure SignalR middleware in the Startup class.

How do you perform file uploads in ASP.NET Core Web APIs?

File uploads in ASP.NET Core Web APIs can be implemented using the IFormFile interface
provided by ASP.NET Core. Here’s a basic approach:

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 6 of 28
:
 Use a multipart/form-data form to upload files from the client.
Define action methods in the controller to handle file uploads, accepting IFormFile
parameters.
Read the file contents using the OpenReadStream method of the IFormFile interface.
Process the uploaded file as needed, such as saving it to disk or storing it in a database.

Explain the Role of Action Filters in ASP.NET Core Web API.

Action Filters in ASP.NET Core Web API are attributes that can be applied to controller actions to
perform cross-cutting concerns such as logging, authorization, caching, validation, and exception
handling. Action Filters allow developers to encapsulate common logic that needs to be executed
before or after an action method is invoked. ASP.NET Core provides several built-in action filters,
such as [Authorize] for authorization, [ValidateAntiForgeryToken] for preventing CSRF attacks, and
[ResponseCache] for caching responses.

How do you optimize the performance of ASP.NET Core Web API

applications?

Performance optimization in ASP.NET Core Web API applications involves various techniques such
as:

Implementing caching to reduce database and network overhead.

Enabling compression to reduce payload size and improve response times.
Minimizing unnecessary data transfer by using DTOs (Data Transfer Objects) and selective
field projection.
Optimizing database queries by indexing frequently accessed columns and using
asynchronous database operations.
Distributed caching and load balancing are used for scalability and fault tolerance.
Monitoring application performance using tools like Application Insights or Serilog.

What is Response Caching, and how do you implement it in ASP.NET Core

Web API?

Response caching in ASP.NET Core Web API allows you to cache the output of HTTP responses to
improve performance and reduce server load. Response caching can be configured at the action

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 7 of 28
:
 level using attributes like [ResponseCache] or globally in the Main method of the Program class.
Configuration options include cache duration, cache location (client-side or server-side), cache key
settings, and cache profiles. Response caching can significantly reduce response times for
frequently accessed endpoints and improve the scalability of the application.

How does the ASP.NET Core Web API Routing Engine Work?

The ASP.NET Core Web API Routing engine is responsible for mapping incoming HTTP requests to
the appropriate controller action methods based on the URL pattern defined in the route templates.
It follows a convention-based approach where routes are defined in the Program.cs file using the
MapControllerRoute or MapGet, MapPost, etc., methods provided by the routing middleware.

When a request is received, the routing engine matches the URL pattern to the route template of
registered routes. If a match is found, it invokes the corresponding controller action method. If no
match is found, it returns a 404 Not Found response.

Route parameters can be specified within curly braces {} in the route template, allowing for dynamic
routing. Additionally, attribute routing can be used to define routes directly on controller action
methods or controllers themselves, providing more control over the routing behavior.

Describe how to implement global exception handling in ASP.NET Core Web

API.

Global exception handling in ASP.NET Core Web API involves intercepting unhandled exceptions
that occur during request processing and providing a centralized mechanism to handle them. This

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 8 of 28
:
 can be achieved by implementing a custom middleware or by using the built-in exception handling
middleware provided by ASP.NET Core.

To implement global exception handling:

Create a custom middleware component that intercepts exceptions in the request pipeline.
Configure the middleware in the Configure method of the Startup class.
Inside the middleware, handle exceptions by logging them, customizing the response, and
returning appropriate HTTP status codes.
Optionally, configure the middleware to return detailed error messages in development mode
and generic error messages in production mode.

What is the purpose of appsettings.json in ASP.NET Core Web API?

The appsettings.json file in ASP.NET Core Web API is used to store configuration settings for the
application. It follows the JSON format and allows developers to define key-value pairs for various
settings such as connection strings, logging configuration, authentication settings, and application-
specific configurations.

The purpose of appsettings.json is to provide a centralized location for configuring application

settings, which can be easily accessed and modified without modifying the source code.
Additionally, ASP.NET Core supports hierarchical configuration, allowing settings to be overridden
at different levels (e.g., development, staging, production) through environment-specific
configuration files.

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 9 of 28
:
 What are the best practices for logging in ASP.NET Core Web API?

Use built-in logging providers: ASP.NET Core provides built-in logging abstractions that
support various logging providers such as Console, Debug, EventSource, EventLog, Serilog,
etc.
Configure logging levels: Use different log levels (e.g., Information, Warning, Error) to
categorize log messages based on their severity.
Use structured logging: Log messages in a structured format (e.g., JSON) to facilitate
analysis and filtering.
Log relevant information: Include relevant information in log messages, such as request
details, user context, timestamps, and exception stack traces.
Implement log filtering and enrichment: Use middleware or custom logging components
to filter and enrich log messages with additional context information.
Secure sensitive information: Avoid logging sensitive information such as passwords,
credit card numbers, or personal data.

How do you implement OAuth2 and OpenID Connect in ASP.NET Core Web
API?

OAuth2 and OpenID Connect are industry-standard protocols used for authentication and
authorization in modern web applications. In ASP.NET Core Web API, you can implement OAuth2
and OpenID Connect using Microsoft.AspNetCore.Authentication middleware and external
authentication providers such as IdentityServer4, Okta, or Azure AD.

To implement OAuth2 and OpenID Connect:

Install the required NuGet packages for authentication middleware and provider-specific
libraries.
Configure authentication middleware in the Startup.cs file to use OAuth2 or OpenID Connect
as the authentication scheme.
Configure authentication options such as client ID, client secret, scopes, callback URLs, etc.
Implement callback endpoints to handle authentication callbacks and exchange tokens.
Use authorization attributes to restrict access to protected resources based on OAuth2
scopes or roles.

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 10 of 28
:
 Describe the process of implementing API rate limiting in ASP.NET Core Web
API.

API rate limiting is a technique used to control the number of requests that clients can make to an
API within a specific time period. In ASP.NET Core Web API, you can implement API rate limiting
using middleware such as AspNetCoreRateLimit.

To implement API rate limiting:

Install the AspNetCoreRateLimit NuGet package.

Configure rate-limiting options such as rate limits, IP address tracking, client identification,
etc., in the Startup.cs file.
Add rate limiting middleware to the request pipeline with appropriate configuration.
Handle rate limit-exceeded errors and provide appropriate responses to clients.
Optionally, persist rate limit counters to a distributed cache or database for scalability and
reliability.

What is Swagger, and how do you integrate it into an ASP.NET Core Web
API?

Swagger is an open-source framework for documenting and testing APIs. It provides a user-friendly
interface that allows developers to explore API endpoints, view request and response schemas,
and execute API requests directly from the browser.

To integrate Swagger into an ASP.NET Core Web API:

Install the Swashbuckle.AspNetCore NuGet package.

Configure Swagger services in the Startup.cs file using the AddSwaggerGen method.
Customize Swagger documentation using attributes and fluent API options.
Enable Swagger UI and Swagger JSON endpoints in the request pipeline.
Optionally, secure Swagger endpoints with authentication and authorization middleware to
restrict access.

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 11 of 28
:
 How do you use attribute routing in ASP.NET Core Web API?

Attribute routing allows developers to define routes directly on controller action methods or
controllers themselves using attributes. This provides a more declarative and concise way to define
routes compared to convention-based routing.

To use attribute routing in ASP.NET Core Web API:

Decorate controller classes or action methods with the [Route] attribute to specify route
templates.
Optionally, use route parameters within curly braces {} to define dynamic segments of the
route.
Define multiple routes for a single action method using the [HttpGet], [HttpPost], etc.,
attributes with different route templates.
Customize route constraints using built-in constraint attributes or by implementing custom
route constraint classes.

Explain how to serialize and deserialize JSON in ASP.NET Core Web API

ASP.NET Core Web API uses Newtonsoft.Json (or System.Text.Json) for JSON serialization and
deserialization. These libraries automatically serialize and deserialize .NET objects to and from
JSON format.

To serialize JSON:

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 12 of 28
:
 Return .NET objects from controller action methods. ASP.NET Core automatically serializes
them to JSON.
Customize serialization behavior using attributes such as [JsonProperty] to control property
names or [JsonIgnore] to exclude properties from serialization.

To deserialize JSON:

Accept JSON data in controller action method parameters. ASP.NET Core automatically
binds JSON data to .NET objects.
Use model binding to bind JSON data to complex objects from HTTP request bodies.
Validate and handle deserialization errors using model validation attributes or manually
parsing JSON data using libraries like Newtonsoft.Json.

How do you handle multiple environments (development, staging,

production) in ASP.NET Core Web API?

ASP.NET Core provides built-in support for managing multiple environments such as development,
staging, and production. This is achieved by utilizing environment-specific configuration files
(appsettings.{Environment}.json) and environment variables.

Configuration files: ASP.NET Core loads configuration settings from appsettings.json by

default. To override settings for specific environments, you can create environment-specific
configuration files like appsettings.Development.json, appsettings.Staging.json, and
appsettings.Production.json. These files contain settings specific to each environment and
override the base settings defined in appsettings.json.
Environment variables: Environment variables provide another way to configure settings
for different environments. ASP.NET Core automatically maps environment variables with
names matching configuration keys to override settings from configuration files. For example,
setting ASPNETCORE_ENVIRONMENT=Production as an environment variable will change
the environment to production mode.

What is the IHttpClientFactory, and why should you use it in ASP.NET Core
Web API?

IHttpClientFactory is a feature introduced in ASP.NET Core to manage and reuse HttpClient

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 13 of 28
:
 instances efficiently. In traditional usage, creating new HttpClient instances for each request can
lead to performance issues due to socket exhaustion. IHttpClientFactory addresses this by
managing the lifecycle of HttpClient instances and providing features such as automatic handling of
DNS changes, automatic retries, and dependency injection integration.

Benefits of using IHttpClientFactory:

Reduced resource consumption: It reuses HttpClient instances, leading to better resource

utilization.
Improved performance: It optimizes HttpClient usage and reduces overhead associated
with creating and disposing of HttpClient instances.
Simplified HttpClient management: It centralizes HttpClient configuration and
management, making it easier to configure and customize HttpClient instances.

How do you configure and use dependency injection in a class library in

ASP.NET Core Web API?

To configure dependency injection (DI) in a class library for use in ASP.NET Core Web API, follow
these steps:

Define interfaces for services within the class library.

Implement concrete service classes that implement these interfaces.
Register services and their corresponding implementations in the DI container during
application startup. This can be done in the Main method of the Program class by calling
services.AddScoped, services.AddTransient, or services.AddSingleton, depending on the
desired service lifetime.
Optionally, use service lifetimes appropriate for the application’s needs (e.g., transient,
scoped, or singleton) to control the lifetime of service instances.

How do you implement background tasks in ASP.NET Core Web API?

Background tasks in ASP.NET Core Web API can be implemented using hosted services. Hosted
services are long-running background tasks managed by the ASP.NET Core runtime. They run
independently of any incoming HTTP requests and can perform tasks such as background
processing, periodic tasks, or event-driven processing.

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 14 of 28
:
 To implement a background task:

Create a class that implements the IHostedService interface.

Implement the StartAsync and StopAsync methods to start and stop the background task.
Register the hosted service in the DI container during application startup.
ASP.NET Core automatically starts the hosted service when the application starts and stops
it when the application shuts down.

Describe how to use the options pattern for configuration in ASP.NET Core
Web API.

The options pattern in ASP.NET Core simplifies configuration management by providing a way to
map configuration settings from various sources (e.g., JSON files, environment variables) to
strongly typed classes. This pattern is especially useful for organizing and accessing configuration
settings in a type-safe manner.

To use the options pattern:

Define a class to represent the configuration settings.

Configure the settings class using the Configure<TOptions> method in the
ConfigureServices method of the Startup class.
Access the configured settings using dependency injection by injecting an instance of the
settings class where needed.
The options pattern improves maintainability by centralizing configuration logic and provides
compile-time safety by leveraging the C# type system.

How do you manage user sessions in ASP.NET Core Web API?

ASP.NET Core Web API is stateless by default, meaning it does not maintain user sessions
between requests. However, you can implement session management using various techniques:

Token-based authentication: Use JSON Web Tokens (JWT) or OAuth2 tokens for
authentication and authorization. Tokens are self-contained and can store user identity and
other relevant information.
Distributed caching: Store session data in a distributed cache such as Redis or SQL
Server. This allows session data to be shared across multiple servers in a web farm.

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 15 of 28
:
 Cookie-based authentication: Store session identifiers in encrypted cookies. ASP.NET
Core provides built-in support for cookie authentication, which can be used to maintain user
sessions.

What are environment variables, and how do you use them in ASP.NET Core
Web API?

Environment variables are dynamic variables that are part of the environment in which a process
runs. In ASP.NET Core Web API, environment variables are commonly used for configuration and
environment-specific settings. They provide a way to override default configuration settings and
customize application behavior based on the execution environment (e.g., development, staging,
production).

To use environment variables in ASP.NET Core Web API:

Define environment-specific configuration settings in appsettings.json or other configuration

sources.
Optionally, provide default values for configuration settings.
Configure environment variables with names matching configuration keys to override settings
from configuration files.
Access configuration settings using the IConfiguration interface or the options pattern.
Set environment variables using operating system-specific commands or tools provided by
cloud platforms (e.g., Azure App Configuration).

Explain how to implement localization in ASP.NET Core Web API.

Localization in ASP.NET Core Web API allows you to provide multi-language support for your API
responses. To implement localization:

Define resource files (.resx) for each supported language containing key-value pairs of
translated strings.
Configure localization services in the Startup.cs file using the AddLocalization method.
Add middleware to the request pipeline to enable localization and set the current culture
based on the request’s language header or query string.
Use localization helpers such as IStringLocalizer or IViewLocalizer to localize strings in

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 16 of 28
:
 controller actions or views.

How do you configure HTTPS in ASP.NET Core Web API

To configure HTTPS in ASP.NET Core Web API:

Install an SSL certificate on your web server or use development certificates provided by
tools like IIS Express or Kestrel.
Configure Kestrel or IIS to listen for HTTPS requests in the Program.cs or Startup.cs file
respectively.
Use the UseHttpsRedirection middleware to redirect HTTP requests to HTTPS.
Optionally, configure HTTPS settings such as SSL certificate paths, protocols, and port
numbers in the appsettings.json file.

What is the difference between AddMvc() and AddMvcCore() methods in

Program.cs?

AddMvc(): This method adds full MVC services to the application, including support for
features like Razor views, model binding, filters, etc. It registers all the necessary services
required for MVC-based development.
AddMvcCore(): This method adds only the core MVC services to the application without
including features like Razor views or certain conventions. It provides a lighter-weight
alternative for scenarios where full MVC functionality is not required, such as API-only
applications or minimalistic web applications.

How do you implement health checks in ASP.NET Core Web API?

Health checks in ASP.NET Core Web API allow you to monitor the health of your application and its
dependencies. To implement health checks:

Configure health check services in the Startup.cs file using the AddHealthChecks method.
Register health checks for various components such as databases, external services, or
custom checks.
Use health check endpoints to expose the health status of the application, which can be
monitored by external health monitoring systems or load balancers.
Optionally, customize health check responses and configure health check UI endpoints for

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 17 of 28
:
 visual inspection of application health.

Describe the process of deploying an ASP.NET Core Web API application to

IIS.

To deploy an ASP.NET Core Web API application to IIS:

Publish the application to a folder using Visual Studio or the .NET CLI.
Install the ASP.NET Core Hosting Bundle on the target server, which includes the .NET Core
Runtime, ASP.NET Core Runtime, and IIS modules.
Create a new website or application pool in IIS and configure it to use the published folder as
the application root.
Ensure that the application pool identity has appropriate permissions to access the
application files and resources.
Optionally, configure additional settings such as HTTPS bindings, URL rewrite rules, or
application pool settings.

How do you manage configuration settings in ASP.NET Core Web API?

Configuration settings in ASP.NET Core Web API are typically managed using the appsettings.json
file, environment-specific configuration files, environment variables, or Azure Key Vault. To manage
configuration settings:

Define configuration settings in the appsettings.json file using JSON syntax.

Optionally, define environment-specific configuration files such as
appsettings.Development.json or appsettings.Production.json.
Use the ConfigurationBuilder to load configuration settings from various sources and build a
configuration object in the Startup.cs file.
Access configuration settings using the IConfiguration interface in controllers, services, or
middleware components.

Explain the concept of middleware in the ASP.NET Core Web API request
processing pipeline.

Middleware in ASP.NET Core Web API is software components that are executed in the request
processing pipeline to handle requests and responses. Middleware can perform tasks such as

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 18 of 28
:
 request routing, authentication, authorization, logging, error handling, compression, and more.
Middleware components are added to the request pipeline in the Main method of the Program.cs
file using the Use extension methods provided by the IApplicationBuilder interface.

What is the purpose of the launchSettings.json file in ASP.NET Core Web

API?

The launchSettings.json file in ASP.NET Core Web API is used to configure settings for launching
the application in various environments such as development, staging, or production. It defines
profiles for different launch environments, including settings such as application URLs, environment
variables, command-line arguments, and debugger options. The purpose of the launchSettings.json
file is to provide a centralized location for configuring launch settings that can be easily shared
across development teams and development environments.

How do you implement social login (e.g., Google, Facebook) in ASP.NET

Core Web API?

Social login in ASP.NET Core Web API allows users to authenticate using external identity
providers such as Google, Facebook, or Twitter. To implement social login:

Installed and configured external authentication middleware packages such as

Microsoft.AspNetCore.Authentication.Google,
Microsoft.AspNetCore.Authentication.Facebook, etc.
Register the authentication services in the Program.cs file and configure authentication
options such as client ID, client secret, callback URL, and scopes.
Add authentication middleware to the request pipeline and configure authentication schemes
for each identity provider.
Implement callback endpoints to handle authentication callbacks from external identity
providers and exchange tokens for user information.
Use authorization attributes to restrict access to protected resources based on user
authentication status or roles.

In the next article, I will discuss Frequently Asked Top 50 ASP.NET Core Web API Experienced
Interview Questions and Answers. In this article, I provided the list of Frequently Asked Top 50
ASP.NET Core Web API Intermediate Interview Questions and Answers. I hope you enjoy this

https://dotnettutorials.net/lesson/asp-net-core-web-api-intermediate-interview-questions-and-answers/ 05/05/25, 7 33 PM
Page 19 of 28
: