Configuration and appsettings.json in ASP.NET Core: Complete Beginner Guide
Every application requires configuration settings. Database connection strings, API keys, email server settings, logging options, and feature flags should not be hard-coded into your application.
ASP.NET Core provides a flexible configuration system that allows developers to manage settings from multiple sources, including JSON files, environment variables, command-line arguments, and secret storage providers.
In this tutorial, you'll learn how configuration works in ASP.NET Core, how to use appsettings.json, bind settings to strongly typed classes, and follow security best practices.
- What Is Configuration?
- Understanding appsettings.json
- Reading Configuration Values
- IConfiguration
- Configuration Sections
- Options Pattern
- Environment-Specific Settings
- Environment Variables
- User Secrets
- Best Practices
What Is Configuration?
Configuration refers to settings that control how an application behaves.
Common examples include:
- Database connection strings
- API keys
- Email settings
- Logging options
- Authentication settings
- Application URLs
Storing these values outside source code makes applications easier to maintain and deploy.
Understanding appsettings.json
The default configuration file in ASP.NET Core is appsettings.json.
{
"ConnectionStrings": {
"DefaultConnection":
"Server=(localdb)\\MSSQLLocalDB;
Database=MyAppDb;
Trusted_Connection=True;"
},
"EmailSettings": {
"Host": "smtp.example.com",
"Port": 587,
"Sender": "admin@example.com"
}
}
Configuration values are organized into sections for better readability.
Reading Configuration Values
ASP.NET Core provides IConfiguration for accessing settings.
public class HomeController : Controller
{
private readonly
IConfiguration _configuration;
public HomeController(
IConfiguration configuration)
{
_configuration = configuration;
}
}
Access a Single Value
string host =
_configuration["EmailSettings:Host"];
Use a colon to access nested configuration values.
Reading Connection Strings
string connectionString =
_configuration
.GetConnectionString(
"DefaultConnection");
This is the recommended way to access database connection strings.
Configuration Sections
Configuration sections help organize related settings.
{
"ApiSettings": {
"BaseUrl": "https://api.example.com",
"Timeout": 30
}
}
var section =
_configuration
.GetSection("ApiSettings");
Creating a Strongly Typed Configuration Class
public class EmailSettings
{
public string Host
{
get; set;
} = "";
public int Port
{
get; set;
}
public string Sender
{
get; set;
} = "";
}
Strongly typed classes provide better readability and IntelliSense support.
Configuration Binding
builder.Services.Configure
<EmailSettings>(
builder.Configuration
.GetSection(
"EmailSettings"));
This automatically maps configuration values to the EmailSettings class.
Using the Options Pattern
Microsoft recommends the Options Pattern for accessing configuration.
using Microsoft.Extensions.Options;
public class EmailService
{
private readonly
EmailSettings _settings;
public EmailService(
IOptions<EmailSettings> options)
{
_settings = options.Value;
}
}
Environment-Specific Configuration
ASP.NET Core supports separate configuration files for different environments.
appsettings.json
appsettings.Development.json
appsettings.Production.json
Environment-specific settings override values from appsettings.json.
Development Configuration Example
{
"Logging": {
"LogLevel": {
"Default": "Debug"
}
}
}
Production Configuration Example
{
"Logging": {
"LogLevel": {
"Default": "Warning"
}
}
}
Using Environment Variables
Environment variables are commonly used in cloud deployments.
ConnectionStrings__DefaultConnection
Double underscores map to nested configuration sections.
User Secrets
Sensitive values should not be stored directly in source control.
dotnet user-secrets init
dotnet user-secrets set
"ApiKey"
"123456789"
User Secrets provide a secure way to store development secrets locally.
Configuration Source Order
ASP.NET Core loads configuration from multiple providers.
- appsettings.json
- appsettings.Environment.json
- User Secrets
- Environment Variables
- Command-Line Arguments
Later providers override earlier values.
Common Beginner Mistakes
- Hardcoding connection strings.
- Storing secrets in source control.
- Ignoring environment-specific settings.
- Using magic strings throughout the application.
- Not validating configuration values.
Best Practices
- Use appsettings.json for application settings.
- Use strongly typed configuration classes.
- Use the Options Pattern.
- Store secrets securely.
- Use environment-specific configuration files.
- Validate critical settings during startup.
- Keep configuration organized and documented.
Frequently Asked Questions
What is appsettings.json?
appsettings.json is the default configuration file used by ASP.NET Core applications to store application settings.
Should I store passwords in appsettings.json?
No. Sensitive information should be stored using User Secrets, environment variables, or secure secret management systems.
What is IConfiguration?
IConfiguration is the interface used to access configuration values throughout an ASP.NET Core application.
What is the Options Pattern?
The Options Pattern provides a strongly typed and maintainable way to access configuration settings.
Related Tutorials
- Dependency Injection in ASP.NET Core
- Email Sending in ASP.NET Core
- JWT Authentication in ASP.NET Core
- Build a REST API in ASP.NET Core
- File Handling in ASP.NET Core
- Repository Pattern in ASP.NET Core
Conclusion
Configuration management is a critical part of building professional ASP.NET Core applications. Properly organizing settings improves maintainability, security, and deployment flexibility.
By understanding appsettings.json, IConfiguration, configuration binding, the Options Pattern, environment variables, and User Secrets, you'll be able to manage application settings confidently in both development and production environments.