A very concise list of each possibilities of minimal API from David Fowler : Minimal APIs at a glance. This is a must that everyone starting to use the minimum API should check out!
Some of this tips can not be easily find in documentation or be split into multiples (too) large pages. This list is just as I like, free of noise.
Asp.Net Core
Improving Azure Key Vault use as configuration source in ASP.NET Core
Something I’ve missed: loading Key Vault secrets in .Net Core as configuration source can be a lengthy process if you don’t opt-out from unused authentication modes.
Hopefully, authentication chain construction can be customized by setting numerous ExcludeXxxx properties of DefaultAzureCredentialOptions. Some of these property are true by default but only a few.
More details here: Improving Azure Key Vault Performance in ASP.NET Core By Up To 10x (the assertion “Up to 10x” is a bit marketing, actual gain should be tested as it depends on many factors 🙂 ).
RecyclableMemoryStream, a better MemoryStream
More than 5 years after my first discovery, RecyclableMemoryStream is still relevant. With a clever use of buffer chains, this class should be used in (any) situation where a MemoryStream could be used.
This project has evolved to take into account the new memory efficiency paradigms integrated into the latest versions of .Net Core (Span, ReadOnlySpan, ReadOnlySequence, and Memory). It is more useful than ever to reconcile throughput and CPU load.
From Github project’s Readme.md:
“In particular it is optimized to do the following:
- Eliminate Large Object Heap allocations by using pooled buffers
- Incur far fewer gen 2 GCs, and spend far less time paused due to GC
- Avoid memory leaks by having a bounded pool size
- Avoid memory fragmentation
- Allow for multiple ways to read and write data that will avoid extraneous allocations
- Provide excellent debuggability and logging
- Provide metrics for performance tracking“
DamianEdwards/MinimalApiPlayground
Some sample API implemented in .Net 6.0 using minimal API with customized OpenApi support:
- a playground with different test cases of miminal API possibilities (Results, custom I
Results
, advanced binding, etc…), - a classical TODO Api in EF Core,
- a classical TODO Api in Dapper,
with validation support using System.ComponentModel.Validation extended by MinimalApis.Extensions (for now in preview).
Tomasz Pęczek repositories
Tomasz GitHub is a gem of asp.Net core related stuff:
- I’ve already write about (Server Timing during API calls for ”Server-Timing” header use),
- GraphQl explained with performance in mind and Azure functions and Cosmos DB compatibility,
- NDJson (Newline Delimited JSON) support in streaming cases,
- Server side push using WebSocket and Server Side Events,
- and some very good sample projects (Demo.AspNetCore.WebApi, Demo.Azure.Functions.GraphQL, etc…)
Each subject is largely explain in understandable but not simplistic blog posts (and often very advanced technically) . Multiples sample projects are present. A very educational approach that makes you want to dig deeper.
Server Timing during API calls
Today, I was looking Developer Tools in Chrome to understand some request duration. My request takes more than 10 secondes :

10 seconds seems very long but but Timing tab don’t give me why. I suddenly saw the bottom part of this screen:

I don’t know if it’s a recent addition or if it’s been around for a long time, whatever, it looks promising. The link provided is not particularily interesting for me because its focus is mainly on browser part but it gives me a cue: a response header called “Server-Timing”.
Like always, some googling gives me a W3C working draft complete but not too much user friendly and a more understandable Server-Timing on MDN. This”Server-Timing” header is what I was missing. A standardized way of producing detailed information about the duration of what happened while processing the request. An Chrome is able to show them very easily. Perfect.
Some more search gives me a blog post (C# – How to add request timings to an ASP.Net project) about a pretty good implementation in .Net tpeczek/Lib.AspNetCore.ServerTiming in GitHub. A service to produce metrics and a middleware to write the now famous “Server-Timing” header. Clean!
Of course, for security reasons, it’s best to restrict the production of these metrics to some environments (perhaps internals only) or even to specifics clients (it could be restricted to authenticated users with some claims).
LettuceEncrypt: Free, automatic HTTPS certificate generation for ASP.NET Core web apps
Easy way to use Let’s Encrypt in Kestrel scenarios: LettuceEncrypt for ASP.NET Core
Cons:
- only work when kestrel receive encrypted traffic (either in edge mode or behind a TCP load balancer transmitting encrypted traffic),
- This repos in in maintenance mode.
Pros:
- a Nate McMaster project even if he is no longer a MS employee,
- Storage is largely customizable : Let’s Encrypt account private key, generated certificate,
- have been choosen as documented way of adding Let’s Encrypt support in Yarp.
Detailed recipe to integrate NGrok into an ASP.Net 6 WebApp
Detailed recipe to integrate NGrok into an ASP.Net 6 WebApp using a BackGroundService and calling local ngrok API to get NGrok forwarding URL. Nice and simple!
Integrate ngrok into ASP.NET Core startup and automatically update your webhook URLs
MsDeploy, IIS and app_offline.htm
How to ask MsDeploy to use app_offline.htm IIS’s trick to shutdown IIS Website before new deployment (preventing lock file issue):
Locked Files When Publishing .NET Core Apps to IIS with WebDeploy – Rick Strahl’s Web Log
Customizing Authorization Responses in .NET 5.0
Easy, we just have to implement an IAuthorizationMiddlewareResultHandler and regsiter it :
services.AddAuthorization(options => ...)
More here: Customizing Authorization Responses in .NET 5.0 – Ben Foster.
.AddSingleton<IAuthorizationMiddlewareResultHandler, MyAuthorizationMiddlewareResultHandler>();