Mid ASP.NET Web API Interview Questions

API versioning ensures backward compatibility and predictable updates.

Common approaches:

• URL versioning: /api/v1/resource
• Query versioning: ?api-version=1.0
• Header versioning: api-version: 1.0

Use the Microsoft.AspNetCore.Mvc.Versioning package and decorate controllers with [ApiVersion("1.0")].

Enable compression using:

services.AddResponseCompression()

Supports Gzip and Brotli to reduce payload size and improve performance.

Global exception handling centralizes error responses.

Use:

• UseExceptionHandler() middleware
• Custom exception-handling middleware
• Standardized error payloads and logging

Include:

• statusCode
• message
• errors (validation details)
• traceId

Avoid exposing internal details for security.

Use libraries like AspNetCoreRateLimit to:

• Limit requests per IP or client
• Protect server from abuse
• Apply global or endpoint-specific rules

Use streaming techniques:

• IFormFile for uploads
• Avoid full in-memory buffering
• Enable compression where needed

Use:

• ETag
• Last-Modified
• If-None-Match or If-Modified-Since

Returns 304 Not Modified when content is unchanged.

Use field selection / projection such as:

?fields=name,email

Implement DTOs to avoid returning unnecessary properties.

HATEOAS enriches responses with navigational links.

Example:

Order response may include:

• self link
• update link
• cancel link

Use:

• Redis
• SQL Server distributed cache
• Memcached

Useful for multi-instance API deployments.

Avoid sending PII or sensitive fields.

Use DTOs, masking, or encryption.

Always enforce HTTPS.

Best practices:

• Maintain old versions
• Introduce new versioned endpoints
• Document migration paths

Use Skip and Take (LINQ).

Include:

• page
• pageSize
• totalCount
• totalPages

Expose query parameters for filtering and sorting:

• ?status=active
• ?sort=name_desc

Combine with pagination for scalable responses.

Use monitoring tools:

• Application Insights
• Prometheus + Grafana
• Serilog

Track duration, throughput, failure rates, response sizes.

Use built-in health checks:

services.AddHealthChecks();

Expose /health endpoint to monitor DB, disk, and external services.

Keep older versions active.

Deprecate API versions gradually.

Provide documentation for migration.

Use Swagger / OpenAPI:

• Interactive documentation
• Multiple version support
• Authentication integration
• Schema validation

To integrate EF Core with Web API:

• Install EF Core packages such as Microsoft.EntityFrameworkCore and Microsoft.EntityFrameworkCore.SqlServer.
• Register your DbContext in Program.cs using AddDbContext.
• Inject DbContext via constructor injection in controllers or services.
• Use migrations and LINQ for strongly-typed database access.

DbContext manages the database connection, querying, saving, and tracking of entities.

DbSet<T> represents a table and allows querying and CRUD operations for that entity type.

DTOs decouple API contracts from internal entity models.

Benefits:

• Prevents over-posting
• Improves security
• Helps with API versioning
• Simplifies maintenance

Mapping can be done manually or using AutoMapper.

The Repository Pattern abstracts the data access layer.

It provides:

• Clean separation of concerns
• Mockable interfaces for testing
• Consistent CRUD interface

The Unit of Work pattern groups operations under one transaction.

DbContext naturally acts as a Unit of Work; calling SaveChangesAsync commits all changes atomically.

Use explicit transactions via:

await context.Database.BeginTransactionAsync();

Wrap operations in try/catch to commit or rollback.

Use async LINQ extensions:

• ToListAsync()
• FirstOrDefaultAsync()
• SingleOrDefaultAsync()

Improves scalability by freeing threads during database I/O.

Use LINQ:

• Where() for filtering
• OrderBy()/OrderByDescending() for sorting
• Skip()/Take() for pagination

Use DTOs and map only allowed fields.

Avoid binding client input directly to entity models.

Add an IsDeleted flag and filter queries:

.Where(x => !x.IsDeleted)

Useful for audits and data recovery.

Use a RowVersion (timestamp) column.

EF detects conflicts and throws DbUpdateConcurrencyException.

Eager: Include()

Lazy: Navigation property auto-loading (requires proxies)

Explicit: context.Entry(entity).Collection(...).Load()

EF Core 5+ supports many-to-many with:

HasMany().WithMany()

Junction table is auto-created unless custom entity is needed.

Use TransactionScope for distributed transactions.

Or share the same database connection among contexts.

Use:

• FromSqlRaw() for queries
• ExecuteSqlRaw() for commands

Always use parameters to prevent SQL injection.

Use:

• IMemoryCache for local cache
• Redis for distributed cache

Cache expensive queries and invalidate on updates.

Use:

Skip((page-1)*pageSize).Take(pageSize)

Combine with filtering and sorting before applying pagination.

Use:

• Add-Migration
• Update-Database

Supports schema evolution and controlled deployments.

Best practices:

• Use projection via Select()
• Use pagination
• Avoid ToList() on large tables
• Optimize queries with indexes

Testing strategies:

• Use InMemory provider for unit tests
• Use SQLite in-memory for integration tests
• Mock repositories/DbContext for isolation