Built-in token authentication with ASP.NET Core 9.0 Minimal WebAPI

In this tutorial I will showcase the built-in WebApi token authentication. To keep it simple, we shall persist our data in the lightweight SQLite database.

Prerequisites

It is assumed that you have installed the following on your computer:

• .NET 9.0
• Visual Studio Code editor

Getting Started

In a suitable working directory, create a new WebApi application using the following terminal window command:

dotnet new webapi --name WebApiTokenAuth

Change directory with:

cd WebApiTokenAuth

We will need to add some packages. Also in the same terminal window, run the following commands:

dotnet add package Microsoft.AspNetCore.Identity.EntityFrameworkCore

dotnet add package Microsoft.EntityFrameworkCore.Sqlite

dotnet add package Microsoft.EntityFrameworkCore.Tools

dotnet add package Microsoft.EntityFrameworkCore.Design

dotnet add package Swashbuckle.AspNetCore

The above packages allow us to use SQLite and Entity Framework. The last package (Swashbuckle.AspNetCore) will be used to provide a default Swagger UI.

Make sure you have the dotnet-ef tool. If you do not, you can globally install it with:

dotnet tool install --global dotnet-ef

If you already have the dotnet-ef, update your version to the latest with:

dotnet tool update --global dotnet-ef

Let us first add Swagger UI to our WebAPI application so that we can easily test our API endpoints. Open your source code with Visual Studio Code by executing the following statement from a terminal window inside the root folder of the application:

code .

You can now add the following statement right under app.MapOpenApi():

app.UseSwaggerUI(options =>  {

    options.SwaggerEndpoint("/openapi/v1.json", "My WebAPI");

});

Edit file Properties/launchSettings.json. In both http and https blocks, change the value of launchBrowser to true.

Also, in both http & https blocks, add the following setting:

"launchUrl": "swagger"

Let us run our web app and see what it does. Run the web app with:

dotnet watch

This gets loaded into your default browser:

Click on GET >> Try it out >> Execute. This will produce the following output:

Database context class

Since we will be using Entity Framework to talk to the SQLite database, we will need a database context class. Add a folder named Data, then add to it a class named ApplicationDbContext that derives from IdentityDbContext<IdentityUser> with the following code:

public class ApplicationDbContext: IdentityDbContext<IdentityUser> {

    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options)

    {}

}

Add the following connection string to appsettings.json:

"ConnectionStrings": {

  "DefaultConnection": "Data Source=webapi-auth.db;"

}

Next, we must register ApplicationDbContext with our app by adding the following code into Program.cs right before 'var app = builder.Build();':

// Configure identity database access via EF Core

var connectionString = builder.Configuration.GetConnectionString("DefaultConnection") ?? throw new InvalidOperationException("Connection string 'DefaultConnection' not found.");

builder.Services.AddDbContext<ApplicationDbContext>(options =>

    options.UseSqlite(connectionString));

Other required services

Add the following code right after the above code:

// Authorization

builder.Services.AddAuthorization();

// Activate identity APIs. By default, both cookies and proprietary tokens

// are activated. Cookies will be issued based on the 'useCookies' querystring

// parameter in the login endpoint

builder.Services.AddIdentityApiEndpoints<IdentityUser>()

    .AddEntityFrameworkStores<ApplicationDbContext>();

We need to add authorization and authentication middleware with the following code right after 'app.UseHttpsRedirection();':

app.UseAuthentication(); 

app.UseAuthorization(); 

Let us secure the /weatherforecast endpoint by forcing authentication. Chain the following to the endpoint by adding this code right under '.WithOpenApi()':

.RequireAuthorization();

The full app.MapGet() code will look like this:

app.MapGet("/weatherforecast", () =>

{

    var forecast =  Enumerable.Range(1, 5).Select(index =>

        new WeatherForecast

        (

            DateOnly.FromDateTime(DateTime.Now.AddDays(index)),

            Random.Shared.Next(-20, 55),

            summaries[Random.Shared.Next(summaries.Length)]

        ))

        .ToArray();

    return forecast;

})

.WithName("GetWeatherForecast")

.WithOpenApi()

.RequireAuthorization();

Adding Identity API endpoints

Add the identity endpoints to your app by calling MapIdentityApi<IdentityUser>(). Add the following code to Program.cs right before 'app.Run();':

app.MapIdentityApi<IdentityUser>();

Migrations

Since our app uses EF Core, we will create a migration in the Data folder and update the database. Run the following terminal commands:

dotnet ef migrations add M1 -o Data/Migrations

dotnet ef database update

You will notice that a SQLite database file is created named webapi-auth.db.

Try it out

Let us test our application to see whether or not we have indeed succeeded in securing our API endpoint. Start your app with:

dotnet watch

You will see a variety of identity related endpoints when the following page gets loaded into your default browser:

Try to hit the /weatherforecast endpoint and see the data. You will encounter a 401 (unauthorized) error:

Let us register a user. Click on the /register endpoint then click on the "Try it out" button. Update the JSON object so it looks like this:

{

  "email": "a@a.a",

  "password": "P@$$w0rd"

}

Click on the Execute button. You will get a Code 200 response representing success:

Next, let us login with the credentials we created. Click on the /login endpoint, then click on the "Try it out" button.

Choose true for useCookies and update the JSON object so it only has the credentials we had previously created. Thereafter, click on the Execute button. You should get a code 200 response:

Now let's try getting the data using the GET /weatherforecast endpoint. It should be a relief that we can now see the weather forecast information.

Conclusion

With ASP.NET Core 9.0 we need to follow these steps:

• restore Swagger UI
• configure our WebAPI application with the built in ,NET token authentication capability

Built-in authentication with ASP.NET Core .NET 8.0 Minimal WebAPI

In this tutorial I will showcase the built-in WebApi authentication that was introduced with ASP.NET Core 8.0. To keep it simple, we shall persist our data in the lightweight SQLite database.

Source Code: https://github.com/medhatelmasry/WebApiAuth

Companion Video: https://youtu.be/SSLSNWRQJiA

Prerequisites

It is assumed that you have installed the following on your computer:

• .NET 8.0
• Visual Studio Code editor

Getting Started

In a suitable working directory, create a new WebApi application using the following terminal window command:

dotnet new webapi -f net8.0 --name WebApiAuth

Change directory with:

cd WebApiAuth

We will need to add some packages. Also in the same terminal window, run the following commands:

dotnet add package Microsoft.AspNetCore.Identity.EntityFrameworkCore -v 8.0.0
dotnet add package Microsoft.EntityFrameworkCore.Sqlite -v 8.0.0
dotnet add package Microsoft.EntityFrameworkCore.Tools -v 8.0.0
dotnet add package Microsoft.EntityFrameworkCore.Design -v 8.0.0

The above packages allow us to use SQLite and Entity Framework.

Make sure you have the dotnet-ef tool. If you do not, you can globally install it with:

dotnet tool install --global dotnet-ef

If you already have the dotnet-ef, update your version to the latest with:

dotnet tool update --global dotnet-ef

Let us run our web app and have a peek at what it does. Run the web app with:

dotnet watch

This gets loaded into your default browser:

Click on GET >> Try it out >> Execute. This will produce the following output:

It is time for us to peek into the code. Stop the server with CTRL C, then start Visual Studio Code with the following terminal command:

code .

Database context class

Since we will be using Entity Framework to talk to the SQLite database, we will need a database context class. Add a folder named Data, then add to it a class named ApplicationDbContext that derives from IdentityDbContext<IdentityUser> with the following code:

using Microsoft.AspNetCore.Identity;

using Microsoft.AspNetCore.Identity.EntityFrameworkCore;

using Microsoft.EntityFrameworkCore;

namespace WebApiAuth.Data;

public class ApplicationDbContext: IdentityDbContext<IdentityUser> {

    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options)

    {}

}

Add the following connection string to appsettings.json:

"ConnectionStrings": {

  "DefaultConnection": "Data Source=webapi-auth.db;"

}

Next, we must register ApplicationDbContext with our app by adding the following code into Program.cs right before 'var app = builder.Build();':

// Configure identity database access via EF Core

var connectionString = builder.Configuration.GetConnectionString("DefaultConnection") ?? throw new InvalidOperationException("Connection string 'DefaultConnection' not found.");

builder.Services.AddDbContext<ApplicationDbContext>(options =>

    options.UseSqlite(connectionString));

Other required services

Add the following code right after the above code:

// Authorization

builder.Services.AddAuthorization();

// Activate identity APIs. By default, both cookies and proprietary tokens

// are activated. Cookies will be issued based on the 'useCookies' querystring

// parameter in the login endpoint

builder.Services.AddIdentityApiEndpoints<IdentityUser>()

    .AddEntityFrameworkStores<ApplicationDbContext>();

We need to add authorization and authentication middleware with the following code right after 'app.UseHttpsRedirection();':

app.UseAuthentication(); 

app.UseAuthorization(); 

Let us secure the /weatherforecast endpoint by forcing authentication. Chain the following to the endpoint by add ing this code right under '.WithOpenApi()':

.RequireAuthorization();

The full app.MapGet() code will look like this:

app.MapGet("/weatherforecast", () =>

{

    var forecast =  Enumerable.Range(1, 5).Select(index =>

        new WeatherForecast

        (

            DateOnly.FromDateTime(DateTime.Now.AddDays(index)),

            Random.Shared.Next(-20, 55),

            summaries[Random.Shared.Next(summaries.Length)]

        ))

        .ToArray();

    return forecast;

})

.WithName("GetWeatherForecast")

.WithOpenApi()

.RequireAuthorization();

Adding Identity API endpoints

Add the identity endpoints to your app by calling MapIdentityApi<IdentityUser>(). Add the following code to Program.cs right before 'app.Run();':

app.MapIdentityApi<IdentityUser>();

Migrations

Since our app uses EF Core, we will create a migration in the Data folder and update the database. Run the following terminal commands:

dotnet ef migrations add M1 -o Data/Migrations

dotnet ef database update

You will notice that a SQLite database file is created named webapi-auth.db.

Try it out

Let us test our application to see whether or not we have indeed succeeded in securing our API endpoint. Start your app with:

dotnet watch

You will see a variety of identity related endpoints when the following gets loaded into your default browser:

Try to hit the /weatherforecast endpoint and see the data. You will encounter a 401 (unauthorized) error:

Let us register a user. Click on the /register endpoint then click on the "Try it out" button. Update the JSON object so it looks like this:

{

  "email": "a@a.a",

  "password": "P@$$w0rd"

}

Click on the Execute button. You will get a Code 200 response representing success:

Next, let us login with the credentials we created. Click on the /login endpoint, then click on the "Try it out" button.

Choose true for useCookies and update the JSON object so it only has the credentials we had previously created. Thereafter, click on the Execute button. You should get a code 200 response:

Now let's try getting the data using the GET /weatherforecast endpoint. It should be a relief that we can now see the data.

With ASP.NET Core 8.0 came an easier way for securing WebAPI. 

HttpRepl essentials

HttpRepl is a light-weight utility from Microsoft used to test REST APIs and view their results. It can run on any O/S that .NET Core (or .NET 5 and later) runs on. HttpRepl is an open-source project on GitHub at https://github.com/dotnet/HttpRepl. It is an alternative to Postman.

Companion video: https://youtu.be/RLdnXN4OAPg

To install the HttpRepl, run the following command from within a terminal window:

dotnet tool install -g Microsoft.dotnet-httprepl

To update HttpRepl to the latest version, enter the following command:

dotnet tool update -g Microsoft.dotnet-httprepl

On Windows, this tool gets installed at:

%USERPROFILE%\.dotnet\tools\httprepl.exe

Let us test  HttpRepl with a REST API service located at https://api4all.azurewebsites.net. From within a terminal window, enter the following command:

httprepl https://api4all.azurewebsites.net

You are advised to associate the HttpRepl utility with a text editor so that you can compose your POST & PUT requests. The below terminal window command will associate Notepad.exe (in Windows) with HttpRepl:

pref set editor.command.default "C:\Windows\system32\notepad.exe"

Enter dir (or ls) :

HttpRepl allows you to navigate through your API tree. In our current service, all services are under /api. Therefore, change directory to api then check the contents with:

cd api

dir

Now, let’s checkout Students. Therefore, change to the Students location and inspect what is available there with:

cd Students

dir

NOTE: HttpRepl is case-sensitive. This means that “cd students” will generate an error.

This shows us that we can do GET, POST, PUT and DELETE. Entering the id is necessary for DELETE, PUT and retrieving one Student (GET by id).

Let us retrieve all Students data by entering GET:

How about we try POST. Just enter POST and the editor we configured earlier on pops up with a JSON template:

Enter some data then simply save & close your editor. I entered the following then saved & closed the editor. 

This was the output I got:

Enter GET to ensure that data was indeed inserted:

Let’s do a GET by id by entering the following:

GET A00555555

This is the result:

How about we do an update. Enter:

PUT A00555555

This opens the editor again. However, the existing data is not displayed. This is what I got:

I entered data as follows, using the same ID as before, and changing only school to nursing. I then saved the document before closing it:

This is the output I received:

I then did a GET to see all students:

Finally, let us delete our student by entering:

DELETE A00555555

You should see the following response:

Now when we do a GET, there will be no student with ID = A00555555:

To exit out of HttpRepl, simply type exit.

I hope you found HttpRepl a useful utility.

Adding Swagger to an ASP.NET Core 2.0 app

Swagger is an API specification framework. It reminds me of WSDL in the SOAP days. In this article I will guide you in add Swagger documentation to an ASP.NET Core Web API app.

There are three components that we need to buckle-up in our Web API application. These are, not surprisingly, called Swashbuckle:

1. Swashbuckle.AspNetCore.SwaggerGen : builds SwaggerDocument objects from your router, controllers and models.
2. Swashbuckle.SwaggerUI : embedded version of Swagger UI tool which uses the above documents for a rich customizable experience for describing the Web API functionality and includes built in test harness capabilities for the public methods.
3. Swashbuckle.AspNetCore.Swagger: Swagger object model and middleware to expose SwaggerDocument objects as JSON endpoints.

For starters, add package Swashbuckle to your project. This can be done in two ways:

1) If you are using Visual Studio 2017, execute the following command from the Package Manager Console:

install-package --version 2.1.0 Swashbuckle.AspNetCore

You can find the Package Manager Console in Visual Studio 2017 at Tools >>  NuGet Package Manager >> Package Manager Console.

2) From a terminal window in the main project folder, enter the following command:

dotnet add package Swashbuckle.AspNetCore -Version 2.1.0

Add the following using statement at the top of your Startup.cs file:

using Swashbuckle.AspNetCore.Swagger;

Next, add the Swagger generator to bottom of the ConfigureServices() method in Startup.cs:

// Register the Swagger generator, defining one or more Swagger 
// documents
services.AddSwaggerGen(c => {
  c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });
});

Add the following two lines of code to the Cofigure() method in Startup.cs just before app.UseMvc():

// Enable middleware to serve generated Swagger as JSON endpoint
app.UseSwagger();

// Enable middleware to serve swagger-ui (HTML, JS, CSS, etc.)
// specifying the Swagger JSON endpoint.
app.UseSwaggerUI(c =>
{
  c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
});

NOTE: You can exclude the service generated by an API controller by annotating the controller class with: [ApiExplorerSettings(IgnoreApi = true)]

Run your application with CTRL + F5.

Point your browser to http://localhost:{port number}/swagger/v1/swagger.json and you will see a JSON document that describes the endpoints of your service.



You can also see the Swagger UI at URL http://localhost{port number}/swagger.



In the above example the API service is Studentapi. Your service will be under API V1. Click on it and you will see something similar to the following:



To test out GET, click on the first blue GET button and the section will expand describing to you the structure of your object:



Click on the “Try it out!” button to view the data coming back from the service for all items in the collection:



Click on the first blue GET button again to collapse the section. Now, click on the second blue GET button to test retrieval of an item by id.



Enter a value for ‘id’ then click the “Try it out!” button. It should get for you the item for that id.



In a similar manner, go ahead and test out all the other POST, DELETE, and PUT buttons.

The official Swagger website at http://swagger.io/. You can generate a Swagger client for most programming languages at http://editor.swagger.io/.

Adding Swagger to an ASP.NET Web API 2 app that uses .NET Framework 4.5.2

Swagger is an API specification framework. It reminds me of WSDL in the SOAP days. In this article I will guide you in add Swagger documentation to an ASP.NET Core Web API app.

I will show you how to add Swagger documentation to an ASP.NET Web API 2 application that is running under .NET Framework 4.5.2.

Create a simple Web API application using Visual Studio 2015.

1. File >> New >> Project

2. Templates >> Visual C# >> Web

3. Choose “ASP.NET Web Application (.NET Framework) Visual C#”

4. Give your application a name like “WebApi2Swagger” then click on OK.




5. On the next dialog, choose Web API, uncheck “Host in the cloud”, then click OK.



6. Once the application template is created, open the Controllers/ValuesControllers.cs file and delete the [Authorize] annotation over the class declaration line.

7. Run the application by hitting CTRL + F5 on your keyboard. Add /api/values to the address line to see the sample API that is created by this template. It should look like this:



8. Run the following command in the “Package Manager Console” in Visual Studio:

Install-Package Swashbuckle

9. The next step is to enable XML documentation in your web application. Right-click on the web app project node in Solution Explorer and choose Properties.



10. In the Build tab, enable “XML documentation file” in the Output section.



Copy the XML filename and paste it in a text editor so that you can use it later. In the above case, the filename is bin\WebAPI2Swagger.XML.

11. Open App_Start/SwaggerConfig.cs. Make the following change:

Find “//c.IncludeXmlComments(GetXmlCommentsPath());” around line 100. Right after this line, add the following code:

c.IncludeXmlComments(string.Format(@"{0}\bin\WebAPI2Swagger.XML",
        System.AppDomain.CurrentDomain.BaseDirectory));

Note that the filename is what you had previously pasted in a text editor.

12. Build and run your application. Add /swagger to the URL address. You should see a page that looks like this:

Testing it out

Click on Values.



Click on the “GET” button.

Click on the “Try it out!” button. You should see the Curl command, Response Body, Response Code, and Response Headers.

 

Conclusion

Although this tutorial is very simplistic, the steps  we went through equally applies to more complicated API objects.

Consuming a Swagger service in Visual Studio 2015

In a previous post I discuss how to add Swagger to an ASP.NET Core 1.0 application. In this post I will show you how to use it.

We will build a simple C# command-line console application to consume a Swagger service at http://cartoonapi.azurewebsites.net/api/cartoon. This service displays a list of cartoon characters and a link of their images. Point your browser to the above address and you will see this output:

[{"name":"Aladdin","pictureUrl":"images/aladdin.png"},
{"name":"Bambam Rubble","pictureUrl":"images/bambam_rubble.png"},
{"name":"Bambi","pictureUrl":"images/bambi.png"},
{"name":"Barney Rubble","pictureUrl":"images/barney_rubble.png"},
{"name":"Betty Flintstone","pictureUrl":"images/betty_flintstone.png"},
{"name":"Dino","pictureUrl":"images/dino.png"},
{"name":"Donald Duck","pictureUrl":"images/donald_duck.png"},
{"name":"Flintstone Family","pictureUrl":"images/flintstone_family.png"},
{"name":"Flounder","pictureUrl":"images/Flounder.png"},
{"name":"Fred Flintstone","pictureUrl":"images/fred_flinrstone.png"},
{"name":"Goofy","pictureUrl":"images/Goofy.png"},
{"name":"Jasmine","pictureUrl":"images/jasmine.png"},
{"name":"Jumbo","pictureUrl":"images/jumbo.png"},
{"name":"Mermaid","pictureUrl":"images/mermaid.png"},
{"name":"Micky Mouse","pictureUrl":"images/micky_mouse.png"},
{"name":"Minnie Mouse","pictureUrl":"images/minnie_mouse.png"},
{"name":"Pebbles Flintstone","pictureUrl":"images/pebbles_flintstone.png"},
{"name":"Peter Pan","pictureUrl":"images/peter_pan.png"},
{"name":"Pinocchio","pictureUrl":"images/pinocchio.png"},
{"name":"Pluto","pictureUrl":"images/pluto.png"},
{"name":"Simba","pictureUrl":"images/simba.png"},
{"name":"Snow White","pictureUrl":"images/snow_white.png"},
{"name":"Tigger","pictureUrl":"images/tigger.png"},
{"name":"Tinkerbell","pictureUrl":"images/tinkerbell.png"},
{"name":"Tweety","pictureUrl":"images/tweety.png"},
{"name":"Wilma Flintstone","pictureUrl":"images/wilma_flintstone.png"},
{"name":"Winnie The Pooh","pictureUrl":"images/winnie_the_pooh.png"}]

Note that there are two properties in the above object representing a cartoon character – name & pictureUrl.
The Swagger documentation is located at http://cartoonapi.azurewebsites.net/swagger/ui/. This URL displays the following page:



The swagger.json file contains the description of the serice and will be used later to create a C# client.

Creating a blank C# Console App

Let us start by creating our console application.

• Start Visual Studio 2015
• File >> New >> Project
• Templates >> Visual C# >> Windows >> Console Application
• Name the application MySwaggerClient

Adding Swagger client code to our console app

Point your browser to the address of your Swagger service. If you wish to go along with this example, access this page in your browser:

http://cartoonapi.azurewebsites.net/swagger/v1/swagger.json.

Copy all the contents of the JSON object on the page into the clipboard by hitting CTRL + A followed by CTRL + C on your keyboard.

Back in Visual Studio 2015, add a text file to your project and name it swagger.json. Paste the contents of your clipboard into swagger.json then save the file. You will notice that Visual Studio formats this file properly and it is possible to make sense of the content. Close inspection of the file reveals that this JSON file is a description of the remote service and it is intended for use by IDEs and code generators. We will next have Visual Studio 2015 interpret this description file and subsequently generate C# client code for us.

Right-click on the project node >> Add >> REST API Client…





Click on the second “Select an existing metadata file” radio button, then browse to the swagger.json file and select it. Click on OK when you are done.

Visual Studio 2015 will then generate client code for your project. You should see additional C# files added to your project as shown below:



Note two model classes: CartoonCharacter.cs and CartoonCharacterCollection.cs. These represent the model classes on the server.

Build your app to make sure that you do not have any errors.

Using the Swagger client code in our application

Since we will be making a remote call, it is best that we access the service asynchronously. Therefore we will use all the asynchronous versions of the calling methods.

Add the following async method to Program.cs:

static async Task<IEnumerable<CartoonCharacter>> GetAsync() {
  string baseUrl = "http://cartoonapi.azurewebsites.net/";
  using (var client = new Auth0SwaggerSampleAPI(new Uri(baseUrl))) {
    var results = await client.ApiCartoonGetAsync();
    IEnumerable<CartoonCharacter> comic = results.Select(m => new CartoonCharacter
    {
      Name = m.Name,
      PictureUrl = m.PictureUrl
    });
    return comic;
  }
}

We first assign the base URL of our remote service to a variable named baseUrl. We then instantiate an instance of Auth0SwaggerSampleAPI. This is essentially the name of the class that Visual Studio created for us and represents the remote service. The instance of the Auth0SwaggerSampleAPI class is represented by the client object. With the client object we can call a method ApiCartoonGetAsync(), which returns all items into a variable results. Using a LINQ Lambda Expression, we can then populate a list of CartoonCharacter objects. We then return the list.

Add another async method that displays the contents of the collection to a terminal window:

static async Task RunAsync() {
  IEnumerable<CartoonCharacter> comic = await GetAsync();
  foreach (var item in comic) {
    Console.WriteLine("{0}, {1}",item.Name, item.PictureUrl);
  }
}

Lastly, we will add a method call to RunAsync() from within the Main() method that runs asynchronously. Add the following to the Main() method.

RunAsync().Wait();

If you now build and run your console application, you should see the following output:

Barney Rubble, images/barney_rubble.png
Betty Flintstone, images/betty_flintstone.png
Dino, images/dino.png
Donald Duck, images/donald_duck.png
Flintstone Family, images/flintstone_family.png
Flounder, images/Flounder.png
Fred Flinrstone, images/fred_flinrstone.png
Goofy, images/Goofy.png
Jasmine, images/jasmine.png
Jumbo, images/jumbo.png
Mermaid, images/mermaid.png
Micky Mouse, images/micky_mouse.png
Minnie Mouse, images/minnie_mouse.png
Pebbles Flintstone, images/pebbles_flintstone.png
Peter Pan, images/peter_pan.png
Pinocchio, images/pinocchio.png
Pluto, images/pluto.png
Simba, images/simba.png
Snow White, images/snow_white.png
Tigger, images/tigger.png
Tinkerbell, images/tinkerbell.png
Tweety, images/tweety.png
Wilma Flintstone, images/wilma_flintstone.png
Winnie The Pooh, images/winnie_the_pooh.png

Lesson leaned – Visual Studio 2015 offers a very easy way to consume a Swagger service that can be used in a variety of your applications.

Reference:

https://azure.microsoft.com/en-us/documentation/articles/app-service-api-dotnet-get-started/