ASP.NET Web API

Announcement: This forum has been replaced by Visual Studio Developer Community to provide you one convenient and responsive system for all feedback. You can now suggest new ideas, browse and vote on existing ideas in the Visual Studio Developer Community.

We’d like your suggestions and ideas to help us continuously improve future releases of ASP.NET, so we’ve partnered with UserVoice, a third-party service, to collect your feedback. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

This site is for feature suggestions; if you need to file a bug, you can visit our Developer Community website to get started.

Note: your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy and license terms.

We look forward to hearing from you!
- The ASP.NET Team

Feedback on ASP.NET Web API

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. 276 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Clean up Dependency Injection support

    Support for Dependency Injection could do with a bit of clean-up. Read more here: http://blog.ploeh.dk/2012/03/20/RobustDIWithTheASPNETWebAPI.aspx

    212 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    We have updated the IDependencyResolver abstraction to support dependency scopes.

  3. Add a HTML MediaTypeFormater to the Web API

    The Web Api is great but does not provide a simple way to provide a browser friendly representation. If a MediaTypeFormatter was created that would handle "application/xhtml+xml", "text/html" and "*/*" by using the standard view engines that come as part of ASP.Net MVC, it would be simple to provide a browsable, HTML version of the API. To this a developer could add help text per resource and a test harness to the layout/master page, using the familiar Razor or Web Forms based approach.

    Automatically generating help (as the WCF Web Api didi) is all well and good for a very…

    120 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    17 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    We shipped support for automatic help page generation in the ASP.NET and Web Tools 2012.2 release. It’s built as an MVC Area instead of using an HTML formatter. If you still think an HTML formatter for Web API would be useful then please create a separate suggestion and vote it up!

  4. Support $inlinecount OData Operator

    To provide a better paging solution for developers.

    66 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    Support for $inlinecount is now available in the ASP.NET and Web Tools 2012.2 release which includes ASP.NET Web API OData

  5. OAuth Integeration

    Integerated OAuth Authentication for Asp.net WebApi including OAuth Service Provider.

    60 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    We now support both securing Web APIs using OAuth 2.0 bearer tokens and also implementing the authorization server role through the OAuth 2.0 support in the Microsoft OWIN Components (codename “Katana”)

  6. Support for Multi-dimentional array using javascript or knockout.js

    If json parses and renders the data by key pair-value, we have a need that in order to transfer the data from server to client as light as possible and as fast as possible we are using multidimensional array.

    Json
    var json21 = {[[[CompetitionId:11871,CompetitionName:'Australia Hyundai A League'],
    [MatchHome:'Newcastle Jets',MatchAway:'Gold Coast United'],[[HomeAhOdd:'2.05',AwayAhOdd:'1.87',HomeHandicap:'-1',AwayHandicap:'+1'],
    ['HomeOuOdd:2.11',AwayOuOdd:'1.80',GoalLine:'3',MatchId:9926912,MatchDate:'03/09/12 17:00']]]]};

    Multidimensional array
    var json21 = { 'd' : [[[11871,'Australia Hyundai A League'],
    ['Newcastle Jets','Gold Coast United'],[['2.05','1.87','-1','+1'],
    ['2.11','1.80','3',9926912,'03/09/12 17:00']]]};

    As you notice multidimensional array is lighter and transfer data faster compare to json key-pair value approach.

    26 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    Multi-dimensional arrays are now support in JSON.NET version 4.5.8 or later.

  7. HTTP Client Certificates should be available to WebAPI code in a host agnostic way

    Since HTTP(S) client certificates are a fundamental piece in the HTTP story, there should be a standard way to access them from within WebAPI. Ideally on HttpRequestMessage.ClientCertificate (of type X509Certificate2).

    Currently you would have to use host specific ways to get to that information like HttpContext.Current.Request.ClientCertificate.

    26 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support OData changesets for batch/unit of work updating

    When using REST services in smart clients or rich JavaScript clients, it is normal to cache changes on the client side and send multiple updates back as a batch. Being able to leverage the change sets support in OData for this would be great.

    24 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. 19 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Deal with the fact that finalization of StreamWriter can close the response stream prematurely

    A typical pattern is to create a StreamWriter from the Stream argument that is passed to OnWriteToStreamAsync in a media type formatter. The guidance is to *not* close this StreamWriter since doing so will also close the underlying stream (which you don't want).

    But what happens if finalization of the once-out-of-scope StreamWriter occurs? Well, it will close the underlying stream!

    What is the team's guidance for dealing with this? Simply suppress finalization of the StreamWriter?

    18 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    The recommended pattern is to use the RegisterForDispose extension method on the request message to register all resources that you want disposed when the request is disposed.

  11. Duplex/Callback functionality

    I'm looking for a way to do a client callback/duplex function from a IIS hosted Web API w/a Windows PC .NET client. Right now I'm considering a in-process Web API hosted from w/in the client to receive messages.

    What other approaches can I look at for achieving this? While old school WCF has this functionality, this API is the future. Instead of polling, what type of mechanism could allow for a push type notification from the web api on iis to a .net windows client?

    15 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Replace Dispatcher in Web Host Scenarios

    Enable the ability to replace the http controller dispatcher in asp.net web host scenarios; In the beta, it is not possible.

    I would like to still leverage the http handler functionality, but I want the ability to replace the dispatcher with my own dispatcher.

    For example, we could replace the existing controller dispatcher with the the GlobalConfiguration.Dispatcher propoerty. Today, it is statically typed to HttpControllerDispatcher and is read-only, but you could see a scenario where this could be typed to HttpMessageHandler and writable to the user.

    14 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    When you configure your Web API routes you can specify a message handler for that route in the MapHttpRoute extension method.

  13. Support for stream binding and simplify upload case

    Provide ability for binding to Stream property. It would be nice if I could create upload as easy as it is in MVC. Please provide out of the box suport for binding multipart/form-data or octet-stream to class with stream property.
    It would be also nice If I could bind field with base64 string to stream property.

    13 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  ASP.NET Web API  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Pranav Rastogi responded

    In ASP.NET 5, MVC and Web API are unified into MVC 6 so you can use the MVC model to bind to stream for Web API scenarios.

  14. 13 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    Reference documentation for ASP.NET Web API is now available on MSDN.

  15. 13 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. 10 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    We now support per-controller configuration by applying an attribute to your controller that implements IControllerConfiguration.

  17. Populate Thread.CurrentPrincipal with Client Identity

    The controller plumbing should sync Thread.CurrentPrincipal to HttpRequestMessage.GetUserPrincipal().

    T.CP is a well established pattern in .NET (e.g. ASP.NET and WCF) and many code bases use it (e.g. IsInRole or PrincipalPermission). When bringing existing library code to WebAPI you will get inconsistent security behavior if this is not correctly set.

    9 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Consistent Integration with Host Security

    The host integration plumbing should be consisten when copying host established client identity to WebAPI.

    The logic should be:

    - If the host has established a client identity, copy it to the request message.
    - If not, set up an anonymous principal.

    Currently, in web hosting the client id is always copied, in self hosting only for windows auth.

    This will lead to situations where HttpRequestMessage.GetUserPrincipal() returns null.

    9 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    We now consistently use Threat.CurrentPrincipal as the contract between ASP.NET Web API and the host.

  19. Make Web API Model Binding more like MVC Model Binding

    I would be nice to be able to upload a file as part of a model to Web API like we currently can on MVC. Web API doesn't accept HttpPostedFileBase as a field type like MVC does.

    6 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Make Web API a common component

    Right now Web API is viewed as a component under AP.NET MVC. But, in my opinion, it should be available as just a common file template. The file template is available now, but still developers categorize Web API under ASP.NET MVC. Please evangelize Web API such that it will be viewed as a component under ASP.NET core.

    It is just my opinion. You may correct me if I am wrong.

    6 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
    completed  ·  Daniel Roth responded

    ASP.NET Web API is now first-class citizen in the One ASP.NET story.

← Previous 1

ASP.NET Web API

Feedback and Knowledge Base