Articles about ASP.NET Core

Want to protect an API endpoint?

Add the [Authorize] attribute.

Common authorization options:

• [Authorize]
• [Authorize(Roles = "Admin")]
• [Authorize(Policy = "EmployeeOnly")]
• [AllowAnonymous] for public endpoints
• Configure authentication before using authorization

Protected endpoints require authenticated users before your action executes.

Public endpoints without [Authorize] are accessible without authentication.

How do you organize authorization in your APIs?

Consider parallel execution.

Common approaches:

• Use Task.WhenAll()
• Process independent tasks concurrently
• Increase consumer instances
• Batch operations when possible
• Remove unnecessary bottlenecks

Parallel processing allows multiple operations to run at the same time rather than waiting for each to finish.

For example:

• 10 API calls executed sequentially may take 10 seconds
• 10 API calls executed in parallel may take around 1 second

Of course, parallelism isn't free. Databases, external APIs, and infrastructure still have limits.

But if your workload is independent, parallel execution is often one of the simplest ways to increase throughput.

What was the biggest throughput improvement you've achieved?