Technical interview Q&A plus 100+ career & HR questions—notice period, salary negotiation, resume, LinkedIn, freelancing, AI careers, and behavioral interviews with detailed, real-world answers.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters are ASP.NET Core’s plug-in points that allow you to inject logic before or after
specific pipeline stages such as:
They help you implement cross-cutting concerns without cluttering controllers or actions.
In enterprise systems, filters are indispensable for:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: filter is a component that allows logic to be executed before or after parts of the request pipeline, such as authorization, action execution, or result processing.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Middleware is a component in the HTTP request pipeline that can:
Middleware can:
Middleware executes in the order it's added in Program.cs.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization, Resource, Action, Exception, and Result filters.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.UseMiddleware<YourMiddleware>();
pp.UseRouting();
pp.UseEndpoints(endpoints => { endpoints.MapControllers();
});
pp.Run();
public void Configure(IApplicationBuilder app,
IWebHostEnvironment env)
{
pp.UseMiddleware<YourMiddleware>();
pp.UseRouting();
pp.UseEndpoints(endpoints => {
endpoints.MapControllers(); });
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization checks directly inside controllers. This led to:
Filters solve these by offering centralized, consistent, and reusable implementation points.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Program.cs:
var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();
app.UseMiddleware<YourMiddleware>();
app.UseRouting();
app.UseEndpoints(endpoints => { endpoints.MapControllers();
});
app.Run();
public void Configure(IApplicationBuilder app,
IWebHostEnvironment env)
app.UseMiddleware<YourMiddleware>();
app.UseRouting();
app.UseEndpoints(endpoints => {
endpoints.MapControllers(); });
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Example – Using ServiceFilter [ServiceFilter(typeof(AuditLogFilter))] public class UserController : ControllerBase { }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Filters promote reusability, separation of concerns, cleaner controllers, and easier maintenance.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization Before everything Identity, JWT, RBAC
Resource Before model binding Caching, request trimming
ction Before/after action Logging, validation
Exception On unhandled errors Global error handling
Result Before/after result Response wrapping,
formatting
Endpoint (ASP.NET Core
7+)
round minimal API
endpoints
Logging, validation
3.1 Authorization Filters
These execute first, determining whether the user can access the route.
Typical use cases:
3.2 Resource Filters
Executed before model binding.
Perfect for:
3.3 Action Filters
The most commonly used filter type.
Great for:
Example – Audit Logging Filter
public class AuditLogFilter : IActionFilter
{
private readonly ILogger<AuditLogFilter> _logger;
public AuditLogFilter(ILogger<AuditLogFilter> logger)
{
_logger = logger;
}
public void OnActionExecuting(ActionExecutingContext context)
{
_logger.LogInformation("Request started at: {time}",
DateTime.UtcNow);
}
public void OnActionExecuted(ActionExecutedContext context)
{
_logger.LogInformation("Request ended at: {time}",
DateTime.UtcNow);
}
}
3.4 Exception Filters
Centralizing error handling is vital in fintech and healthcare APIs.
Example use cases:
3.5 Result Filters
These wrap the response.
Use cases:
3.6 Endpoint Filters (ASP.NET Core 7+)
Primarily for minimal APIs.
Example use cases:
pp.MapGet("/users/{id}", (int id) => GetUser(id))
.AddEndpointFilter(new LoggingEndpointFilter());
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Authorization Filters Resource Filters Action Filters Exception Filters Result Filters Endpoint Filters (ASP.NET Core 7+)
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.Map
Method Description
pp.Use Adds middleware that can call next in the
pipeline.
pp.UseMiddlewar
e<T>()
dds a custom middleware class.
pp.Run Terminal middleware – does not call next. Ends
the pipeline.
pp.Map Branches the pipeline based on URL path (e.g.
/api).
Example:
pp.Use(async (context, next) => {
wait next(); // go to next middleware
});
pp.Run(async context => {
wait context.Response.WriteAsync("Hello World"); //
terminates pipeline
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Diagram)
| Authorization Filter |
| Resource Filter |
| Model Binding Happens |
| Action Filter |
| Action Method |
| Result Filter |
| Response Returned |
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: ction filters wrap the action method; result filters wrap the returned result (like ObjectResult or ViewResult).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Create a class with:
public class MyCustomMiddleware
private readonly RequestDelegate _next;
public MyCustomMiddleware(RequestDelegate next) => _next =
next;
public async Task InvokeAsync(HttpContext context)
// Pre-processing logic
await _next(context);
// Post-processing logic
Register it:
app.UseMiddleware<MyCustomMiddleware>();
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: wait _next(context); // Post-processing logic } } Register it: pp.UseMiddleware<MyCustomMiddleware>();
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters can be created using:
Example – Custom Header Validation Filter
public class HeaderValidationFilter : IActionFilter
{
public void OnActionExecuting(ActionExecutingContext context)
{
if
(!context.HttpContext.Request.Headers.ContainsKey("X-Client-Id"))
{
context.Result = new BadRequestObjectResult("Missing
X-Client-Id header.");
}
}
public void OnActionExecuted(ActionExecutedContext context) { }
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthorization filters always run first. Intermediate Level
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: RequestDelegate is a delegate representing the next middleware in the pipeline: public delegate Task RequestDelegate(HttpContext context); In custom middleware, it allows passing control to the next component.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Middleware is executed in the order it's added, and this order affects
behavior.
Example:
app.UseAuthentication(); // Must come before authorization
app.UseAuthorization();
app.UseEndpoints(...);
Logging, error handling, and security middlewares must be early
in the pipeline.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: They run before model binding and after authorization. Perfect for caching or request trimming.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pp.UseAuthentication(); // Must come before authorization pp.UseAuthorization(); pp.UseEndpoints(...); Logging, error handling, and security middlewares must be early in the pipeline.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
✔ Use Filters When:
❌ Avoid Filters If:
⚠ Pitfall: Filters run per action. Be mindful of expensive operations.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
wait next(); // only called if authenticated
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Set context.Result = new BadRequestObjectResult(...).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Concern Use Filter Use Middleware
Needs controller context ✔ ❌
Needs access before
routing
❌ ✔
Validating request body ❌ ✔
Logging per action ✔ ❌
Exception handling ✔ ✔
💡 Tip: If your logic is unrelated to MVC actions (e.g., CORS, compression),
middleware is the right choice.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Simply don’t call await next() in a middleware: if (!context.User.Identity.IsAuthenticated) context.Response.StatusCode = 401; return; // Short-circuits await next(); // only called if authenticated
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pp.UseStaticFiles() enables serving files from wwwroot. Important: It must be added before routing or endpoints so static files re served without invoking controller logic. pp.UseStaticFiles(); pp.UseRouting(); pp.UseEndpoints(...);
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core filters support DI via:
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Yes—via constructor injection, ServiceFilter, or TypeFilter.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
🏦 Fintech API – Global Exception Filter
Ensures consistent error envelopes across microservices.
🛠 Microservices – Audit Logging
Tracks when sensitive controller actions are executed.
👮 Role-based Authorization
Custom authorization filter validating role claims dynamically.
🚀 Performance Profiling
Times how long each controller method takes.
public class ProfilingFilter : IActionFilter
{
private Stopwatch _watch;
public void OnActionExecuting(ActionExecutingContext context)
{
_watch = Stopwatch.StartNew();
}
public void OnActionExecuted(ActionExecutedContext context)
{
_watch.Stop();
Console.WriteLine($"Action took {_watch.ElapsedMilliseconds}
ms");
}
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
(UseExceptionHandler, UseDeveloperExceptionPage)
only).
a custom page or handler.
Example:
if (env.IsDevelopment())
app.UseDeveloperExceptionPage();
else
app.UseExceptionHandler("/Error");
Or inline:
app.UseExceptionHandler(errorApp =>
errorApp.Run(async context =>
context.Response.StatusCode = 500;
await context.Response.WriteAsync("An error
occurred");
});
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
custom page or handler.
Example:
if (env.IsDevelopment())
pp.UseDeveloperExceptionPage();
else
pp.UseExceptionHandler("/Error");
Or inline:
pp.UseExceptionHandler(errorApp =>
{
errorApp.Run(async context =>
{
context.Response.StatusCode = 500;
wait context.Response.WriteAsync("An error
occurred");
});
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: sync filters implement IAsyncActionFilter and support await, improving scalability.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Filters execute per controller action → use sparingly. Avoid heavy DB calls. Avoid creating new HttpClients or DbContexts inside filters. Prefer asynchronous filters.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Redirects HTTP requests to HTTPS. app.UseHttpsRedirection(); Add early in the pipeline, before auth or routing. You can configure HTTPS ports in launchSettings.json or appsettings.json.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pp.UseHttpsRedirection(); dd early in the pipeline, before auth or routing. You can configure HTTPS ports in launchSettings.json or ppsettings.json.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Yes. They form a pipeline based on their defined order.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
The sequence in which filters run. Lower Order value = earlier execution.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.UseStaticFiles(new StaticFileOptions
{
FileProvider = new
PhysicalFileProvider(Path.Combine(env.ContentRootPath,
"MyFiles")),
RequestPath = "/Files",
OnPrepareResponse = ctx =>
{
ctx.Context.Response.Headers.Append("Cache-Control",
"public,max-age=600");
}
});
For directory browsing:
pp.UseDirectoryBrowser(new DirectoryBrowserOptions
{
FileProvider = new PhysicalFileProvider("path"),
RequestPath = "/browse"
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use:
var httpContext = new DefaultHttpContext();
var context = new ActionExecutingContext(...);
Focus tests on:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pp.Run(async ctx => { wait ctx.Response.WriteAsync("This ends the pipeline"); });
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
middleware
Type Description
Terminal Ends the pipeline. Doesn’t call next(). E.g., app.Run()
Non-Termi
nal
Calls next() and allows other middlewares to run after it.
E.g., app.Use()
Terminal middleware:
app.Run(async ctx => {
await ctx.Response.WriteAsync("This ends the pipeline");
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Mistake Fix
Doing authentication inside action filters Use authorization filters
Performing heavy logic Move to middleware
Not registering filters as services Use DI for maintainability
Returning inconsistent error messages Handle errors via global exception filterASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Yes—action filters have full access to ActionArguments.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.UseAuthentication(); // Validates user identity
pp.UseAuthorization(); // Applies policies/roles
Order matters: must be after routing but before endpoints.
pp.UseRouting();
pp.UseAuthentication();
pp.UseAuthorization();
pp.UseEndpoints(...);
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Exception filters only catch exceptions from MVC actions; middleware catches exceptions from the entire pipeline.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.UseCors("MyPolicy"); Must be placed before routing/endpoints.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: builder.Services.AddCors(options => options.AddPolicy("MyPolicy", policy => policy.WithOrigins(" .AllowAnyHeader() .AllowAnyMethod(); }); }); app.UseCors("MyPolicy"); Must be placed before routing/endpoints.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: wait _next(context); sw.Stop(); Console.WriteLine($"Request took {sw.ElapsedMilliseconds} ms"); } } Register: pp.UseMiddleware<TimingMiddleware>(); Dependency Injection (DI)
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
execution time)
Example custom middleware to measure time:
public class TimingMiddleware
private readonly RequestDelegate _next;
public TimingMiddleware(RequestDelegate next) => _next =
next;
public async Task InvokeAsync(HttpContext context)
var sw = Stopwatch.StartNew();
await _next(context);
sw.Stop();
Console.WriteLine($"Request took
{sw.ElapsedMilliseconds} ms");
Register:
app.UseMiddleware<TimingMiddleware>();
Dependency Injection (DI)
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Dependency Injection (DI) is a design pattern that allows you to inject dependencies (services) into classes instead of hard-coding them.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Caching expensive requests where model binding is unnecessary.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters specifically built for Minimal APIs (introduced in ASP.NET Core 7).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
✅ Capabilities:
⚠ Limitations:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Used for filters that require custom instantiation logic.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Lifetime Description Use Case Example Transient New instance every time Lightweight stateless services Scoped One instance per request Database context, UoW Singleto One instance for the app's lifetime Logging, Config access
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: public void ConfigureServices(IServiceCollection services) { services.AddTransient<IMyService, MyService>(); services.AddScoped<IRepository, Repository>(); services.AddSingleton<ILoggerService, LoggerService>(); }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Lower order executes first on entry but last on exit—like nested layers.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use a mocked HttpContext and assert on changes.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Controllers: Constructor injection Razor Pages: Constructor injection in PageModel Middleware: Inject via constructor or use IApplicationBuilder.ApplicationServices
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use [SkipFilter] custom attribute or exclude via filter predicates.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Constructor Injection: Supported and preferred in ASP.NET Core. Property Injection: Not supported natively in built-in DI; can be achieved via custom logic or 3rd-party containers. ✅ Use constructor injection for immutability and clarity.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
No. But middleware can replace some filter use cases.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
using (var scope = serviceScopeFactory.CreateScope())
{
var scopedService =
scope.ServiceProvider.GetRequiredService<IMyScopedService>();
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Middleware logs incoming requests; action filter logs controller-level execution.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Scoped services are tied to the HTTP request lifecycle. In background tasks, you must manually create a scope using IServiceScopeFactory to resolve scoped services safely.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Mixing sync & async can cause deadlocks. Prefer async filters.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: To replace: services.AddSingleton<IService, CustomImplementation>(); To remove: var descriptor = services.First(x => x.ServiceType == typeof(IMyService)); services.Remove(descriptor);
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Yes—but avoid heavy operations that run per action.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
IOptionsMonitor)
services.Configure<MySettings>(Configuration.GetSection("MySettings"
));
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: there Use IHostedService or BackgroundService for tasks that run in the background. Services are injected via constructor. Scoped services must use IServiceScopeFactory.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use IOptions or DI into constructor.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: IConfiguration is automatically registered and injected via constructor. public MyService(IConfiguration config) { var key = config["MyKey"]; }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
When exceptions must be caught outside MVC (e.g., authorization failures).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core provides structured logging via ILogger<T>.
public class MyService
{
private readonly ILogger<MyService> _logger;
public MyService(ILogger<MyService> logger) => _logger = logger;
public void DoSomething() => _logger.LogInformation("Action
performed");
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
dd custom validation and authorization filters using .AddEndpointFilter().
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Yes—result filters can wrap or modify responses.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Occurs when two services depend on each other directly or indirectly. 🛠 Fix: Refactor to remove circular reference Use Lazy<T> or factory injection Split responsibilities
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use a mocking framework like Moq:
var mockService = new Mock<IMyService>();
mockService.Setup(s => s.Get()).Returns("test");
var controller = new MyController(mockService.Object);
Mocking helps isolate the unit of work and test behavior independently.
MVC & Razor Pages
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
filter that tracks performance of controller actions:
public class ProfilingFilter : IAsyncActionFilter
{
public async Task OnActionExecutionAsync(
ctionExecutingContext context, ActionExecutionDelegate
next)
{
var sw = Stopwatch.StartNew();
var result = await next();
sw.Stop();
Console.WriteLine($"Action took
{sw.ElapsedMilliseconds}ms");
}
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
How does it differ from MVC in
“older” ASP.NET?
🔹 Key differences in ASP.NET Core:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core 2.0.
controller combined).
✅ Use Razor Pages for:
✅ Use MVC for:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
When to use Razor Pages instead of
MVC?
ASP.NET Core 2.0.
controller combined).
✅ Use Razor Pages for:
✅ Use MVC for:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Example:
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
/Pages/Products/Edit.cshtml.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: }"); Razor Pages Routing: Based on folder structure. URL /Products/Edit maps to /Pages/Products/Edit.cshtml.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: view or JSON). View: .cshtml file that renders HTML. View Component: Reusable mini-views with logic (like partials but with code-behind).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
a view or JSON).
with code-behind).
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Tag Helpers: Use HTML-like syntax. Easier to read/maintain.
<form asp-controller="Home" asp-action="Login"></form>
@Html.BeginForm("Login", "Home")
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
ta cross requests No Preserved for 1 redirect only
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Purpose ViewDa Current request No Pass data to views ViewBa Current request Yes ViewData wrapper (dynamic) TempD ata Across requests No Preserved for 1 redirect only
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Automatically maps form values, query strings, route data to C# model properties. public IActionResult Submit(User user) { ... } Binds complex types and simple types out-of-the-box.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Decorate model properties: public class User { [Required] [EmailAddress] public string Email { get; set; } } Automatically validated during model binding. Use ModelState.IsValid to check.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: IValidatableObject: public IEnumerable<ValidationResult> Validate(ValidationContext context) Custom Attribute: public class MyCustomAttribute : ValidationAttribute { public override bool IsValid(object value) { ... } }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
_Layout.cshtml.
public class CartViewComponent : ViewComponent {
public IViewComponentResult Invoke() => View("Cart",
model);
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Via ViewBag / ViewData / Model: return View(model); // Strongly typed ViewBag.Message = "Hello"; ViewData["Count"] = 5;
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: ActionFilter: Runs before/after action method. ResultFilter: Runs before/after view result. ExceptionFilter: Catches unhandled exceptions. Apply globally or via attributes. public class LogActionFilter : IActionFilter { ... }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Razor Pages use handler methods: public class IndexModel : PageModel { public void OnGet() { ... } public IActionResult OnPost() { ... } } You can use asp-page-handler="Update" for custom methods.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Inject services into PageModel constructor: public IndexModel(IMyService service) { ... } Also available in Razor views via @inject: @inject ILogger<MyPage> Logger
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Reusable libraries that contain Razor views, pages, static files, etc. Share UI components across multiple projects. dotnet new razorclasslib
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Used to organize large applications into sections (e.g., Admin, Customer). Each Area has its own Controllers/Views/Models. [Area("Admin")] public class DashboardController : Controller { ... }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Handled via: ASP.NET Core Middleware WebOptimizer, Gulp, or Webpack Static files in wwwroot/ Enable in Startup.cs: app.UseStaticFiles();
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: ASP.NET Core supports Razor by default. You can add support for custom view engines by implementing IViewEngine.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use IStringLocalizer<T> or IViewLocalizer: @inject IViewLocalizer Localizer <h1>@Localizer["Welcome"]</h1> Add resource .resx files for each language.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
large, modular apps.
Web API (RESTful Services)
Web API (RESTful Services)
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
REST (Representational State Transfer) is an architectural style for
building scalable web services. RESTful APIs follow standard HTTP
methods (GET, POST, PUT, DELETE) and stateless communication.
✅ Key principles for RESTful API in ASP.NET Core:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
How to design RESTful APIs in ASP.NET Core
REST (Representational State Transfer) is an architectural style for
building scalable web services. RESTful APIs follow standard HTTP
methods (GET, POST, PUT, DELETE) and stateless communication.
✅ Key principles for RESTful API in ASP.NET Core:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: SP.NET Core. ✅ Benefits: Automatic model validation Infer [FromBody] / [FromQuery], etc. 400 BadRequest returned automatically if model state is invalid. Improved parameter binding behavior
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
The [ApiController] attribute is used to denote Web API controllers in
ASP.NET Core.
✅ Benefits:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
templates)
[Route("api/products")]
[ApiController]
public class ProductsController : ControllerBase {
[HttpGet("{id}")]
public IActionResult Get(int id) { ... }
}
Use placeholders like {id}, constraints like {id:int}.
You can also define route prefixes at controller level and use relative routes
in actions.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
media type versioning)
Use Microsoft.AspNetCore.Mvc.Versioning package.
✅ Supported methods:
application/vnd.company.v1+json
services.AddApiVersioning(options => {
options.ReportApiVersions = true;
options.AssumeDefaultVersionWhenUnspecified = true;
options.DefaultApiVersion = new ApiVersion(1, 0);
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pplication/vnd.company.v1+json services.AddApiVersioning(options => { options.ReportApiVersions = true; options.AssumeDefaultVersionWhenUnspecified = true; options.DefaultApiVersion = new ApiVersion(1, 0); });
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: SP.NET Core selects the response format based on the Accept header. JSON is the default. To add XML: services.AddControllers() .AddXmlSerializerFormatters(); ccept: application/xml
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core infers the source when possible.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: form Source Attribute Body [FromBody Query string [FromQuer Route [FromRout Form data [FromForm Header [FromHear ASP.NET Core infers the source when possible.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: For large uploads, use IFormFile, Stream, or read from Request.Body for streaming. For downloads, return FileStreamResult. Enable buffering or streaming to avoid memory overload.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pp.UseExceptionHandler(config => { config.Run(async context => { // Log and return problem details }); }); Or use ProblemDetails for structured error responses.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use UseExceptionHandler middleware or custom ExceptionMiddleware.
You can also create a global error handler:
app.UseExceptionHandler(config => {
config.Run(async context => {
// Log and return problem details
});
});
Or use ProblemDetails for structured error responses.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use proper status codes:
return Ok(result);
return NotFound();
return BadRequest(ModelState);ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
public ActionResult<Product> Get(int id) { ... }
Prefer ActionResult<T> for simpler, strongly-typed APIs.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
NotFound() : Ok(product); ✅ Improves scalability and performance.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core supports full async/await pattern for IO-bound tasks.
[HttpGet]
public async Task<ActionResult<Product>> GetAsync(int id) {
var product = await _repo.GetAsync(id);
return product == null ? NotFound() : Ok(product);
}
✅ Improves scalability and performance.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Enable CORS (Cross-Origin Resource Sharing) to allow client apps from
different domains:
services.AddCors(options => {
options.AddPolicy("AllowFrontend", builder =>
builder.WithOrigins("
.AllowAnyHeader()
.AllowAnyMethod());
});
app.UseCors("AllowFrontend");
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: It can enforce rate limiting to prevent abuse and throttling to limit the number of requests a client can make.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use Swashbuckle.AspNetCore or NSwag for generating Swagger docs. services.AddSwaggerGen(); app.UseSwagger(); app.UseSwaggerUI(); Supports: Auto-generated OpenAPI docs Try it out interface Versioning support
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pp.UseSwagger(); pp.UseSwaggerUI(); Supports: Auto-generated OpenAPI docs Try it out interface Versioning support
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
+ HttpClient.
var client = _factory.CreateClient();
var response = await client.GetAsync("/api/products");ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
services.AddAuthentication(JwtBearerDefaults.AuthenticationSch
eme)
.AddJwtBearer(options => { ... });
[Authorize(Roles = "Admin")]
providers.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: HTTPS: Enforced via UseHttpsRedirection() CORS: Limit origins using policies Anti-forgery: Usually not needed for APIs unless using cookies (use ValidateAntiForgeryToken) Use authentication + authorization checks for all endpoints
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: DTOs decouple internal models from API contracts. Use AutoMapper for mapping: CreateMap<Product, ProductDto>(); var dto = _mapper.Map<ProductDto>(product);
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Avoid breaking changes to existing endpoints. Use new versions for changes in contracts. Maintain old versions as long as needed. Ensure documentation and clients are updated accordingly.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Example with EF Core:
modelBuilder.Entity<Product>()
.Property(p => p.RowVersion).IsRowVersion();
Return 409 Conflict if concurrency exception is caught.
Model Binding & Validation
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Model binding in ASP.NET Core maps incoming HTTP data to C# parameters or model
properties.
🔍 Sources considered:
ASP.NET Core automatically binds data based on parameter types and attributes
([FromBody], [FromQuery], etc.).
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: SP.NET Core automatically binds data based on parameter types and attributes ([FromBody], [FromQuery], etc.).
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
form fields.
or JSON body.
public IActionResult Create([FromBody] Product product)ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use a custom model binder when default binding doesn’t work (e.g., custom formats,
headers).
public class CustomBinder : IModelBinder {
public Task BindModelAsync(ModelBindingContext context) {
// Custom logic here
}
}
Register with [ModelBinder] or globally in Startup.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
[FromQuery], etc.)
You cannot bind multiple [FromBody] parameters in a single action.
Common sources:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Decorate models with attributes: public class User { [Required] [StringLength(50)] [EmailAddress] public string Email { get; set; } } Used in both MVC and API for validation.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Server-side: Always performed on the server; use ModelState.IsValid. Client-side: HTML5 + jQuery Unobtrusive Validation (for MVC/Razor Pages). Client-side validation improves UX, but server-side is essential for security.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Create custom rules by inheriting ValidationAttribute:
public class MustBeEvenAttribute : ValidationAttribute {
public override bool IsValid(object value) {
return (int)value % 2 == 0;
}
}
Use like:
[MustBeEven]
public int Number { get; set; }ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use for cross-field validation within a model:
public class Product : IValidatableObject {
public string Name { get; set; }
public decimal Price { get; set; }
public IEnumerable<ValidationResult> Validate(ValidationContext
context) {
if (Price < 0) {
yield return new ValidationResult("Price must be
positive");
}
}
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
public class UserValidator : AbstractValidator<User> {
public UserValidator() {
RuleFor(x => x.Email).NotEmpty().EmailAddress();
}
}
Register with:
services.AddFluentValidationAutoValidation();
✅ Offers more readable and testable validation logic than data annotations.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
ModelState.IsInvalid.
ModelState.IsValid.
if (!ModelState.IsValid) return View(model);ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Used to check if bound model passed validation: if (!ModelState.IsValid) { return BadRequest(ModelState); } MVC automatically adds errors to ModelState based on validation attributes.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: SP.NET Core supports binding nested properties: public class Order { public Customer Customer { get; set; } public List<Product> Products { get; set; } } Works seamlessly from JSON or form data if property names match.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use [Required] for non-nullable fields. For optional values, use nullable types. Use ModelState to report and handle missing/invalid fields. Return custom error messages if needed.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Model binding does not sanitize input — it binds raw data. 🛡 To prevent attacks (XSS, injection), sanitize: Strings: HTML encode output (@Html.Encode) Manually clean input before use Use antivirus/malware scanners for uploaded files
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Used for file uploads from forms (not [FromBody]):
public IActionResult Upload(IFormFile file)
{
var path = Path.Combine("uploads", file.FileName);
using var stream = new FileStream(path, FileMode.Create);
file.CopyTo(stream);
}
📝 For multiple files:
List<IFormFile> files
Configuration & AppSettings
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Development, Production).
🔧 ASP.NET Core loads them automatically based on the environment:
ASPNETCORE_ENVIRONMENT=Development
✅ Loaded in order of precedence, where later files override earlier ones.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: SPNETCORE_ENVIRONMENT=Development ✅ Loaded in order of precedence, where later files override earlier ones.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Production)
ASP.NET Core uses the ASPNETCORE_ENVIRONMENT variable to determine the runtime
environment.
Supported environments (by convention):
Environment-specific logic can be applied:
if (env.IsDevelopment()) { ... }
Also used to load:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core uses the ASPNETCORE_ENVIRONMENT variable to determine the runtime
environment.
Supported environments (by convention):
Environment-specific logic can be applied:
if (env.IsDevelopment()) { ... }
lso used to load:
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
✅ ASP.NET Core supports hierarchical override of config sources:
MyApp__Logging__LogLevel__Default=Warning
dotnet run --Logging:LogLevel:Default=Debug
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Inject IConfiguration anywhere:
public class MyService {
private readonly string _apiKey;
public MyService(IConfiguration config) {
_apiKey = config["MySettings:ApiKey"];
}
}
You can also access nested settings via config.GetSection("MySettings").
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Bind config to strongly typed objects:
public class MySettings {
public string ApiKey { get; set; }
public int Timeout { get; set; }
}
services.Configure<MySettings>(config.GetSection("MySettings"));
Use via IOptions<MySettings>.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
IOptionsMonitor<T>)
services.
public MyService(IOptions<MySettings> options) {
var settings = options.Value;
}ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: User Secrets (for local dev): dotnet user-secrets init dotnet user-secrets set "MySettings:ApiKey" "secret" Azure Key Vault: builder.Configuration.AddAzureKeyVault(...); ✅ Secure sensitive data like API keys, connection strings, tokens.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
In appsettings.json:
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
}
Supports built-in providers: Console, Debug, EventSource, Azure, etc.
Custom configuration through ILogger<T>.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Stored under "ConnectionStrings" section in appsettings.json:
"ConnectionStrings": {
"DefaultConnection":
"Server=.;Database=AppDb;Trusted_Connection=True;"
}
Read via:
var conn = config.GetConnectionString("DefaultConnection");
Or inject via Options pattern.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
JSON files support live reload:
builder.Configuration.AddJsonFile("appsettings.json", optional:
false, reloadOnChange: true);
IOptionsMonitor<T> automatically updates bound values when config changes.
🔁 Does not work with all sources (e.g., env vars, command line).
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Using POCOs and Options pattern allows type-safe config: services.Configure<MySettings>(config.GetSection("MySettings")); Use [Required], [Range], etc., to add validation.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
You can validate bound config using IValidateOptions<T>:
public class MySettingsValidator : IValidateOptions<MySettings> {
public ValidateOptionsResult Validate(string name, MySettings
options) {
if (string.IsNullOrWhiteSpace(options.ApiKey)) {
return ValidateOptionsResult.Fail("ApiKey is
required.");
}
return ValidateOptionsResult.Success;
}
}
Register with DI:
services.AddSingleton<IValidateOptions<MySettings>,
MySettingsValidator>();
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: SP.NET Core supports multiple configuration providers: JSON (default) Environment Variables Command Line Args INI files XML files In-memory Azure App Configuration Azure Key Vault Secrets Manager Each can be chained with priority.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
? "fallback";
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use default values in POCOs or fallback logic: public class MySettings { public string ApiKey { get; set; } = "default-api-key"; } Or: var apiKey = config["MySettings:ApiKey"] ?? "fallback";
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
✅ Best practices:
_logger.LogInformation("Token: {Token}", Mask(token));
Authentication & Authorization
(JWT, Identity)
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthentication & Authorization (JWT, Identity)
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
action (What are you allowed to do?)
In ASP.NET Core, both are handled via middleware and attributes like [Authorize], roles,
and policies.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: ction (What are you allowed to do?) In ASP.NET Core, both are handled via middleware and attributes like [Authorize], roles, nd policies.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core Identity provides a complete solution for:
✅ Setup:
dotnet add package Microsoft.AspNetCore.Identity.EntityFrameworkCore
In Startup or Program.cs:
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
JWT (JSON Web Token) is a compact, URL-safe token format used for authentication.
✅ Configure JWT auth:
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => {
options.TokenValidationParameters = new
TokenValidationParameters {
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new
SymmetricSecurityKey(Encoding.UTF8.GetBytes("your-secret"))
};
});
Use [Authorize] to secure endpoints.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
✅ Role-based:
[Authorize(Roles = "Admin")]
✅ Policy-based:
services.AddAuthorization(options => {
options.AddPolicy("CanEdit", policy =>
policy.RequireClaim("EditPermission"));
});
Then use:
[Authorize(Policy = "CanEdit")]
Policy-based gives more flexibility (custom requirements, claims, logic).
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
.Value;
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: dd claims when creating identity: var claims = new List<Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim("Permission", "Edit") }; ccess in code: var claim = User.FindFirst("Permission")?.Value;
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Used in traditional MVC apps for session-based auth.
services.AddAuthentication(CookieAuthenticationDefaults.Authenticati
onScheme)
.AddCookie(options => {
options.LoginPath = "/Account/Login";
});
On login:
await HttpContext.SignInAsync(principal);
Cookies are stored in the browser and sent with each request.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: wait HttpContext.SignInAsync(principal); Cookies are stored in the browser and sent with each request.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: lso supports: Facebook Microsoft Twitter OpenID Connect Azure AD Use RemoteAuthenticationHandler<T> or Identity scaffolding.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Use built-in providers:
services.AddAuthentication()
.AddGoogle(options => {
options.ClientId = "...";
options.ClientSecret = "...";
});
Also supports:
Use RemoteAuthenticationHandler<T> or Identity scaffolding.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Used with JWT to renew access tokens after expiration without logging in again.
You must manually implement refresh token logic (not built-in to Identity).
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
✅ Configure expiration:
Expires = DateTime.UtcNow.AddMinutes(30)
✅ Use refresh tokens to handle expiration.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: [Authorize]: Requires authenticated user [Authorize(Roles = "Admin")]: Requires role [AllowAnonymous]: Allows access without login Example: [Authorize] public IActionResult Dashboard() { } [AllowAnonymous] public IActionResult Login() { }
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Define complex authorization rules using IAuthorizationHandler:
public class MinimumAgeRequirement : IAuthorizationRequirement {
public int Age { get; }
public MinimumAgeRequirement(int age) => Age = age;
public class MinimumAgeHandler :
AuthorizationHandler<MinimumAgeRequirement> {
protected override Task HandleRequirementAsync(...) {
// logic
Register in DI and use with [Authorize(Policy = "...")].
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: uthorizationHandler<MinimumAgeRequirement> { protected override Task HandleRequirementAsync(...) { // logic } } Register in DI and use with [Authorize(Policy = "...")].
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core uses Data Protection API to:
Configure:
services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo("path"))
.SetApplicationName("AppName");
Used internally by Identity and cookie middleware.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Multi-tenancy can involve:
Strategies:
Can integrate with IdentityServer4 or Azure AD B2C for federated auth.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
SP.NET Core Identity uses PBKDF2 hashing by default.
Best practices:
Use:
PasswordHasher<T>.HashPassword(user, password)
Can switch to Argon2, Bcrypt via custom password hasher.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Supported out of the box in ASP.NET Core Identity.
Options:
Enable via Identity configuration:
services.Configure<IdentityOptions>(options => {
options.SignIn.RequireConfirmedEmail = true;
});
Use SignInManager<T> to handle verification and token generation.
Filters & Middleware Overlaps
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters are components that run code before or after certain stages in the request pipeline
within MVC or Razor Pages. Types of filters include:
Filters allow you to inject logic at these specific points.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
request.
handlers.
scoped to MVC processing.
for concerns around controller/action execution.ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters run in a specific order depending on their type:
Within each type, filters can be ordered by their Order property and whether they are global,
controller-level, or action-level.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Create a custom filter by implementing one of the filter interfaces like:
public class CustomActionFilter : IActionFilter
{
public void OnActionExecuting(ActionExecutingContext context)
{
// Before action executes
}
public void OnActionExecuted(ActionExecutedContext context)
{
// After action executes
}
}
Register globally in Startup:
services.AddControllersWithViews(options =>
{
options.Filters.Add<CustomActionFilter>();
});
Or decorate controllers/actions:
[ServiceFilter(typeof(CustomActionFilter))]
public class HomeController : Controller { ... }ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
options.
actions.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: ctions. Global filters are best for cross-cutting concerns like logging, exception handling. Controller/action filters are best for behavior specific to particular routes or endpoints.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters receive context objects (e.g., ActionExecutingContext) providing:
This allows filters to inspect, modify, or block processing at their stage.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Filters can short-circuit by setting the result early, preventing further execution:
public void OnActionExecuting(ActionExecutingContext context)
{
if (!IsAuthorized())
{
context.Result = new UnauthorizedResult(); // stops pipeline
here
}
}
This prevents action execution and later filters from running.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
limited DI capabilities.
resolved from DI container, enabling constructor injection.
Use service-based filters when you need dependencies injected.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
authentication).
validation, caching).
MVC-specific exceptions and returning appropriate views or API responses.
Versioning, CORS
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
uthentication).
validation, caching).
MVC-specific exceptions and returning appropriate views or API responses.
Versioning, CORS
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
api-version=1.0)
Use the Microsoft.AspNetCore.Mvc.Versioning NuGet package:
services.AddApiVersioning(options => {
options.AssumeDefaultVersionWhenUnspecified = true;
options.DefaultApiVersion = new ApiVersion(1, 0);
options.ReportApiVersions = true;
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
PI versioning enables multiple versions of your API to coexist, allowing clients to migrate
gradually.
Common ways to version APIs in ASP.NET Core:
● Media type versioning (via Accept header, e.g., application/json;v=1)
Use the Microsoft.AspNetCore.Mvc.Versioning NuGet package:
services.AddApiVersioning(options => {
options.AssumeDefaultVersionWhenUnspecified = true;
options.DefaultApiVersion = new ApiVersion(1, 0);
options.ReportApiVersions = true;
});
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Semantic versioning (semver) uses MAJOR.MINOR.PATCH format, e.g., 1.2.0.
Version negotiation allows clients and servers to agree on an API version via headers or
URL. Servers should support multiple versions and respond with supported version info.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
CORS (Cross-Origin Resource Sharing) is a browser security feature that restricts web
pages from making requests to a different domain than the one that served the web page, to
prevent cross-site attacks.
CORS defines a way for servers to allow controlled access to resources from a different
origin.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Configure in Startup.cs or Program.cs:
services.AddCors(options =>
options.AddPolicy("AllowSpecificOrigin",
builder =>
builder.WithOrigins("
.AllowAnyHeader()
.AllowAnyMethod();
});
});
Enable middleware:
app.UseCors("AllowSpecificOrigin");
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pp.UseCors("AllowSpecificOrigin");
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
headers), browsers send an OPTIONS request first, called a preflight.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
pipeline with app.UseCors(...).
[EnableCors("PolicyName")] or [DisableCors] attributes on controllers or
actions.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
builder.WithOrigins("
.AllowCredentials()
.AllowAnyHeader()
.AllowAnyMethod();
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Cross‑Cutting / Advanced / “Miscellaneous”
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
fast.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
(w3wp.exe), better performance.
it.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Services must expose health check endpoints. These are periodically checked by service discovery systems (like Consul, Eureka, or Kubernetes) to ensure that only healthy services are available for discovery.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: ASP.NET Core has built-in logging with providers (Console, Debug, EventSource). Third-party libs like Serilog and NLog offer rich sinks, structured logging. Configure logging via appsettings.json or code.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: compression In-memory caching stores data on server memory for fast retrieval. Distributed caching uses external stores (Redis, SQL) for multiple servers. Response compression reduces payload size using gzip, Brotli middleware.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Avoid blocking calls in async code to prevent deadlocks. Use async/await properly. Protect shared data with locks or concurrent collections. Avoid thread starvation with thread pool tuning.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Memory leaks can occur if IDisposable objects aren’t disposed. Use dependency injection lifetimes properly. Be cautious with static references and events holding objects. Use tools like dotMemory, PerfView.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Design apps to be stateless so any server instance can handle requests. Use distributed caches or external session stores. Load balancers distribute traffic to multiple instances.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Containerize apps with Docker for consistent deployments. Use Azure App Services, Azure Kubernetes Service for cloud hosting. Set up CI/CD pipelines (GitHub Actions, Azure DevOps) for automated builds and deployments.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Monitor app health, request metrics, errors. Use OpenTelemetry for distributed tracing. Integrate with Application Insights, Prometheus, Grafana.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Enforce HTTPS. Use Anti-forgery tokens to prevent CSRF. Sanitize input to prevent XSS. Follow OWASP guidelines to secure apps.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use Response Compression Middleware to compress responses. Use Response Caching Middleware to cache GET responses. Middleware can be composed for layered processing.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Response caching caches HTTP responses based on headers. Output caching (new in ASP.NET Core 7) caches entire output of endpoints.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use Redis or SQL Server for distributed cache/session in multi-server environments. Helps maintain session state without sticky sessions.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Enables real-time bi-directional communication. Supports WebSockets, Server-Sent Events, long polling.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use IHostedService or BackgroundService to run background tasks. Useful for timers, queue processing.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Stream large files efficiently using FileStreamResult. Use async IO to avoid blocking.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Track latest improvements like minimal APIs, source generators, performance boosts. Keep updated with latest SDKs. Scenario / Design & Best Practices
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
rchitecture, onion architecture)
logic), Domain (entities, business rules), Infrastructure (data access, external
services).
towards the domain layer.
pointing inward.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
not implementations.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use DI to manage lifecycle of DbContext as Scoped. Avoid manual disposal; rely on DI container. Dispose IDisposable objects promptly when created manually. Use using statements for short-lived resources.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Write loosely coupled code via DI. Mock external dependencies for unit tests. Use in-memory databases (e.g., InMemory EF Core) for integration tests. Isolate layers to enable focused testing.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Logging: recording app events/info. Tracing: tracking execution flow across components or services. Exception reporting: capturing and notifying on errors. Use structured logging and distributed tracing for diagnostics.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: migrations) Use No Tracking queries for read-only data to improve performance. Use lazy loading cautiously; prefer explicit loading to avoid surprises. Manage migrations with proper version control. Use async queries to avoid blocking.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Apply migrations in CI/CD pipeline with proper backups. Use transactional migrations where supported. Run migrations during maintenance windows. Test migrations in staging before production.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Maintain multiple API versions with clear deprecation policies. Avoid breaking changes; use additive changes. Communicate version lifecycle clearly to consumers.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Protect APIs from abuse using rate limits (requests per second/minute). Use libraries like AspNetCoreRateLimit or API Gateway features. Implement IP-based or user-based throttling.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use global exception handling middleware. Return meaningful HTTP status codes and error details. Avoid leaking sensitive info. Implement retry policies for transient errors.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Handle shutdown signals to complete ongoing requests. Dispose resources correctly. Use IHostApplicationLifetime events to hook into shutdown process.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use Azure Key Vault, AWS Secrets Manager, or HashiCorp Vault. Avoid storing secrets in code or config files. Use environment variables or user secrets during development.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Inject config via environment variables or secret stores in pipelines. Use multiple config files per environment (appsettings.Development.json). Secure sensitive values using CI/CD secret management.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use resource files (.resx) for strings. Configure RequestLocalizationMiddleware. Support multiple cultures and fallback cultures. Localize data formats, dates, currencies.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
injection, XSS etc)
Sample / Misc Interview Questions
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
HTTP response (Ok, NotFound, Redirect, etc.).
data or an HTTP response. Improves clarity and enables better OpenAPI docs.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
registration and middleware setup with a simplified, top-level statement style.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
controller classes.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Use binding redirects (in .NET Framework). Use assembly version unification and strong-named assemblies. In .NET Core, resolve via NuGet package management, use central package versions. Consider upgrading or consolidating dependencies.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Introduced in ASP.NET Core 3.0. Centralized routing system that decouples route matching from middleware. Routes requests to endpoints defined by controllers, Razor Pages, minimal APIs. Supports route-based middleware filters.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
applied globally.
([Route], [HttpGet]).
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: pplied globally. Attribute routing: Routes declared directly on controllers/actions via attributes ([Route], [HttpGet]). Attribute routing is more flexible and explicit.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Add Swashbuckle.AspNetCore NuGet package. Configure Swagger services (builder.Services.AddSwaggerGen()). Enable middleware (app.UseSwagger(), app.UseSwaggerUI()). Customize with options like API info, document filters, UI themes.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: types Automatically selects response format (JSON, XML) based on Accept header. Configured via formatters in MVC options. Falls back to default formatter if no match.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Standardized error response format defined by RFC 7807. Contains properties like status, title, detail, instance. Used by default in ASP.NET Core for error responses.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: error responses Implement custom exception handling middleware. Catch exceptions, set HTTP status, and return custom JSON payload. Use UseExceptionHandler() or global filters. Customize ProblemDetails or your own error models.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Accept CancellationToken parameter in action methods. Pass token to async calls to support request cancellation. Improves responsiveness and resource management.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: configure them Default max request body size is 30 MB. Configure via RequestSizeLimit attribute or KestrelServerOptions.Limits.MaxRequestBodySize. For IIS, adjust maxAllowedContentLength.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
Answer: Add ResponseCompression middleware. Register compression providers (AddResponseCompression()) in Program.cs. Configure supported MIME types and compression level.
In a production ASP.NET Core application, teams apply this when handling user-facing features or integration boundaries. For example, you might use it during a sprint where reliability and observability matter—logging metrics, validating edge cases, and documenting the decision in an ADR so future developers understand why the approach was chosen.
Tip: Practice aloud on Toolliyo mock interview or the Interview Q&A section before your real interview.
ASP.NET Core ASP.NET Core Tutorial · ASP.NET Core
deserialization).