Similar Posts

Leave a Reply

Your email address will not be published.

39 Comments

    1. Very nice detailed article.
      I recommend you to slightly change the SmtpClient part because this API is obsolete so you won’t support modern authentication or forcing ipv4 on ipv6 network for example.
      So as recommended by Microsoft, you should replace SmtpClient by Mailkit.
      https://docs.microsoft.com/en-us/dotnet/api/system.net.mail.smtpclient?view=netcore-3.1#remarks
      I got a bunch of trouble on Azure App Service private endpoint using SmtpClient due to its dependency of TcpClient Api.
      You can find my note on Msdocs hithub

      https://github.com/MicrosoftDocs/azure-docs/issues/45991#issuecomment-631963921

      Otherwise very nice article and you even mentioned the security part that’s a bunch of articles always missed.

      1. Thanks for the feedback! Personally I have never faced any issues with SMTPClient at work. Wasn’t it a bug on the documentation that states SMTPClient is obsolete for .NET? I thought it was, and it is obsolete for Xamarin and Mono I guess. Anyways, I will check regarding it and update the article in some time. Thanks 😀

        1. You’re welcome 🙂
          Haha, meet too, i have never got an issue with SmtpClient until i know there is an issue, lol. So, no, it’s not a bug on the doc but indeed, the doc is quite ‘vague’ regarding why except mentioning “modern protocols”.
          Another example SmtpClient cannot natively handle OAuth and i cannot handle OAuth2 which i guess will be the standard in the future (Google Api docs).
          The modification from SmtpClient to Mailkit is quite easy, so it’s ok.

        2. Hi Mukesh,

          Thanks for this nice article.

          I recently came across using “User secrets” for storing sensitive key values and it is even more secure than storing the value in appsettings.json. I believe retrieving value from this store should be same like reading from appsettings.

          1. Hi Muthu, Thanks for the feedback. Yes, user-secrets is a good option as well, but may cause confusions while pushing my source to github. AppSettings is much more convenient for everyone (especially the beginners) to play around with the settings. Also, I am saving up the user-settings for another detailed article.
            Thanks and Regards

  1. This is great. I have been looking for how to accomplish this without using identity user. Thanks so much.

  2. Nice article.. could you add on or write another article that talks about reading emails and processing the attachments

      1. Nice article. Reading this felt like I was having a conversation with you probably because of how simple and easy to understand you made it.
        Thank you so much.

  3. Can u provide me simple crud operations real industry related. Net core wth dapper, webapi

  4. Help:

    Used code from GitHub.
    Setup Appsettings.
    Setup Gmail including Less Secure App Access

    but just get:

    Error: unable to verify the first certificate – at Postman???

  5. hi mukesh thanx for your support project
    but when i run solution wheather forcast page came as page
    and idont know hpw to use postman
    iam new user at asp.net core

    1. Hi, Glad to see that you are learning ASP.NET Core. Yes, by default ASP.NET Core creates a weather forecast controller with some sample data. Also, this is the default URL while launching the application. I believe you are quite aware of REST Apis.

      Postman is a simple FREE tool to send requests and receive responses from REST Apis. It’s quite a straight forward tool. I can refer you to a youtube tutorial to learn more about postman – https://www.youtube.com/watch?v=juldrxDrSH0&list=PLhW3qG5bs-L-oT0GenwPLcJAPD_SiFK3C

      Thanks for writing, let me know if you require additional support.

  6. Hi Mukesh,

    Nice article. I am using SendGrid in my application. it works fine local. once code published in Azure app services it’s not working. Is there any settings I need to configure for SendGrid in Azure.

    Please can you help me?

    Thanks
    Ram

  7. Hi,
    Thanks you very much for excellent tutorial!
    I was wondering if it is possible to add several emails to ToEmail, say I would like to send the welcome request to the user and two admins.

    Thanks,
    Best regards

  8. Hello,

    I found this article very very useful.
    I have one doubt. If I send attachment from Postman or from localhost/swagger, it can be sent. But if I send attachment from server/swagger , attachment not received. I get 200 OK response for API, but attachment cannot be sent.
    What could be the issue?Please reply asap.

  9. Hello Mukesh,
    I am facing one issue in .net core application. I have added connection string in appsettings.json and I am accessing it to startup.cs, configuration shows null . But if I add hardcoded connection string, it works.
    I checked spell mistakes, like ConnectionStrings is proper and string is also correct. Not getting what is the cause.
    Please help me out.

  10. Hello,
    I am using swagger and sql server in my application.I have used scaffolding for creating dbcontext and classes.
    In db, I am using UserId field, and it is set Identity(1,1).
    Now , when I execute API through swagger, I dont want UserId to appear on request/response. It should get saved in table, when I execute api, without entering it manually in json repsonse.
    So how to hide it from appearing in swagger ui?
    Please reply asap.
    TIA

  11. Hi, that’s a nice and easy way to send emails.. I’m new at netcore so I’m wondering if is there a chance to send this emails outside a controller.. thank you!

  12. Hi Mukesh could you please do the same in Blazor wasm to verify users by sending an email. very good and informative article

  13. Hello Mukesh –

    This is a wonderful and clear article – thank you very much for sharing!!

    I’m new to APIs and in Visual Studio, I’m getting a security warning with the SendMail controller methods that they could be potentially vulnerable to Cross Site Request Forgery attacks.

    Is this something I should be concerned with? If so, with an API, how would I generate an anti-forgery token?