Course Overview
This course teaches developers how to build secure, database-backed Web APIs using ASP.NET Core, Entity Framework Core, and Razor Pages. Through a series of hands-on labs, learners will create a full-featured blog application that includes CRUD operations, JSON Web Token (JWT) authentication, and role-based access control. Participants will learn how to structure Web API controllers, connect to SQL Server using EF Core, secure endpoints with bearer tokens, and consume APIs from client-side Razor Pages, gaining the skills needed to build scalable and secure web applications.
🤖 AI Agent-Led Learning Experience
Intelligent Learning Support
AI agents provide 24/7 personalized and expert instruction, adapting to your learning pace and style.
Personalized Practice
Receive customized exercises and scenarios based on your progress and areas for improvement.
Continuous Assessment
Real-time feedback and progress tracking help you stay on track and achieve your learning goals.
Hands-On Labs
This course includes practical, hands-on laboratory exercises to reinforce your learning:
Lesson 1: Creating a new Web API
In Lesson 1, you’ll learn how to create and consume Web APIs using ASP.NET Core. Starting from a pre-configured solution, you’ll build a functional Web API that exposes blog data, then connect it to a client-side Razor Pages application using HttpClient. You’ll define a controller with RESTful endpoints, return hardcoded data, and test your API using Swagger. On the client side, you’ll configure dependency injection, retrieve API data asynchronously, and display it in a dynamic table. This lesson lays the groundwork for understanding the API-client relationship and how to structure clean, maintainable API-driven application
Lesson 2: Persisting Blog Data in the Database
In Lesson 2, you’ll extend your blog application by integrating a real SQL Server database using Entity Framework Core. You'll replace in-memory data with persistent storage, enabling the API to perform full CRUD operations—create, read, update, and delete—against a BlogPosts table. You’ll learn how to use DbContext to manage database access, apply asynchronous EF Core methods for scalability, and wire up API endpoints to interact with live data. On the frontend, you’ll build Razor Pages for creating and editing blog posts through API calls, giving you hands-on experience with data modeling, API-backed forms, and real-time database updates in a modern .NET application.
Lesson 3: Securing the Blog App and Blog API
In Lesson 3, you'll secure your blog application by implementing authentication and authorization using JSON Web Tokens (JWT). You'll learn how to generate JWTs upon user login, store them securely in HttpOnly cookies, and pass them in API requests for protected operations. The lab walks you through configuring the API to validate tokens, enforcing role-based access to sensitive endpoints like create, edit, and delete, and updating the Razor Pages client to honor user roles in the UI. By the end of this lesson, you'll understand how to protect your APIs and build secure, role-aware applications using ASP.NET Core authentication and authorization best practices.
Ready to Get Started?
Join thousands of professionals who have advanced their careers with our training programs.
Join Scheduled Training
Find upcoming sessions for this course and register for instructor-led training with other professionals.
View ScheduleCustom Training Solution
Need training for your team? We'll create a customized program that fits your organization's specific needs.
Get Custom Quote