If you’re used to creating traditional Web APIs in ASP.NET, you’ve probably become accustom to using System.ComponentModel.DataAnnotations such as the [Required] or [StringLength] data attributes. Using these in your models that are parameters to your API project would return the proper 400 response code when the input didn’t match the requirement.
In ASP.NET Core 2.0, this is no longer built in right out of the box, but setting it up is super easy! So if you don’t want to abstract your model validation in your business logic layer and want to get it out of the way right away when the request comes in, check this out.
There are only two steps to doing this:
- Create an implementation of `IActionFilter`
- Register this Filter class in your startup
Let’s start by creating a ValidatorActionFilter class:
ValidatorActionFilter.cs
/// <summary>
/// Filter for returning a result if the given model to a controller does not pass validation
/// </summary>
public class ValidatorActionFilter : IActionFilter
{
public void OnActionExecuting(ActionExecutingContext filterContext)
{
if (!filterContext.ModelState.IsValid)
{
filterContext.Result = new BadRequestObjectResult(filterContext.ModelState);
}
}
public void OnActionExecuted(ActionExecutedContext filterContext)
{
}
}
What this does is check the current HttpContext.ModelState to make sure it is valid. This allows us to ensure we don’t have to make this check in each endpoint. Note, we don’t have to add anything in the OnActionExecuted method since this filter is used exclusively before the action is called.
In the OnActionExecuting call, if the model state is NOT valid, we need to return the 400 – Bad Request response as the result.
Now, let’s register this in our startup. We do this by applying it in the ConfigureServices call and specifically in the options of the AddMvc call:
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc(options =>
{
options.Filters.Add(typeof(ValidatorActionFilter));
});
}
And that’s it! So now your endpoints will return the proper response such as:
MyInputModel.cs
public class MyInputModel
{
[Required]
public string SomeRequiredValue { get; set; }
public string SomeNotRequiredValue { get; set; }
}
MyController.cs
public class MyController : Controller
{
public ActionResult DoSomeAction([FromBody]MyInputModel input)
{
return Ok("You did it"!)
}
}
The request of:
{
"someNotRequiredValue": "Hey"
}
Will return 400 - Bad Request - "The SomeRequiredValue field is required"
And the request of:
{
"someRequiredValue": "Yo"
"someNotRequiredValue": "Hey"
}
Will return 200 - Ok - "You did it!"
So go forth and validate those input models with ease!
If you like what you see, don’t forget to follow me on twitter @Suave_Pirate, check out my GitHub, and subscribe to my blog to learn more mobile developer tips and tricks!
Interested in sponsoring developer content? Message @Suave_Pirate on twitter for details.
Alex Dunn 
Thank you so much for this tutorial, I was searching for this for several hours. There are a lot of guides regarding ASP.NET Web API but barely anyone writes about ASP.NET Core Web API.
Just one thing I have noticed is that the model validation is only done for the first element, if I mark both Id and Name as “Required”, only Id is checked, Name is ignored. Can you tell me what issue this could be ?
LikeLike
awesome ! i was expecting for this . useful for me. Thank you !
LikeLike
Thanks for the article. It helps me a lot.
LikeLike