Isaac.

Exploring Minimal APIs

Build lightweight APIs with ASP.NET Core minimal APIs.

By EMEPublished: February 20, 2025
minimal apisaspnet corelightweightrouting

A Simple Analogy

Minimal APIs are like a fast-food counter. No bloat, just order → execute → deliver.

Why Minimal APIs?

  • Lightweight: Less ceremony than controllers
  • Fast: Reduced overhead
  • Modern: C# 10+ features
  • Testing: Easy to test
  • Microservices: Perfect for small services

Basic Endpoints

var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();

// GET endpoint
app.MapGet("/products/{id}", GetProduct)
    .WithName("GetProduct")
    .WithOpenApi();

// POST endpoint
app.MapPost("/products", CreateProduct)
    .WithValidation()
    .WithOpenApi();

// PUT endpoint
app.MapPut("/products/{id}", UpdateProduct);

// DELETE endpoint
app.MapDelete("/products/{id}", DeleteProduct);

app.Run();

async Task<IResult> GetProduct(int id)
{
    var product = await _db.Products.FindAsync(id);
    return product != null ? Results.Ok(product) : Results.NotFound();
}

async Task<IResult> CreateProduct(CreateProductRequest request)
{
    var product = new Product { Name = request.Name, Price = request.Price };
    _db.Products.Add(product);
    await _db.SaveChangesAsync();
    return Results.Created($"/products/{product.Id}", product);
}

Groups & Organization

var productGroup = app.MapGroup("/api/products")
    .WithTags("Products");

productGroup.MapGet("/", GetAllProducts);
productGroup.MapGet("/{id}", GetProduct);
productGroup.MapPost("/", CreateProduct);

var adminGroup = app.MapGroup("/api/admin")
    .RequireAuthorization("AdminPolicy");

adminGroup.MapDelete("/products/{id}", DeleteProduct);

Dependency Injection

services.AddScoped<IProductService, ProductService>();

app.MapGet("/products", GetProducts);

async Task<IResult> GetProducts(IProductService service)
{
    var products = await service.GetAllAsync();
    return Results.Ok(products);
}

Authentication/Authorization

app.MapGet("/public", () => "Anyone can access")
    .AllowAnonymous();

app.MapPost("/protected", () => "Authenticated users only")
    .RequireAuthorization();

app.MapDelete("/admin/{id}", DeleteProduct)
    .RequireAuthorization("AdminPolicy");

Best Practices

  1. Organize: Use groups for related endpoints
  2. Naming: Provide names for OpenAPI
  3. Validation: Use filter extensions
  4. Documentation: Add descriptions
  5. Error handling: Return appropriate status codes

Related Concepts

  • MVC controllers
  • REST principles
  • OpenAPI/Swagger
  • Routing

Summary

Minimal APIs simplify ASP.NET Core development. Perfect for modern microservices and lightweight applications.