0

I have created a register user endpoint in an ASP.NET Core app. For that I am using the following DTO:

namespace CommandAPI.Models
{
    using System.ComponentModel.DataAnnotations;

    public class  RegisterUserDto
    {
        [Required]
        [EmailAddress]
        public string  Email { get; set; }     

        [Required]
        public string Password { get; set; }
    }
}

If I make a https call to this endpoint with following body :

[
  {
        "Email" : "[email protected]",
        "Password" : "abc@123#"
  }
]

The endpoint returns the following error response :

{
  "errors": {
    "": [
      "Cannot deserialize the current JSON array (e.g. [1,2,3]) into type 'CommandAPI.Models.RegisterUserDto' because the type requires a JSON object (e.g. {\"name\":\"value\"}) to deserialize correctly.\r\nTo fix this error either change the JSON to a JSON object (e.g. {\"name\":\"value\"}) or change the deserialized type to an array or a type that implements a collection interface (e.g. ICollection, IList) like List<T> that can be deserialized from a JSON array. JsonArrayAttribute can also be added to the type to force it to deserialize from a JSON array.\r\nPath '', line 1, position 1."
    ]
  },
  "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
  "title": "One or more validation errors occurred.",
  "status": 400,
  "traceId": "|3dcc7b94-4f57775eed318939."
}

Though the error is correct, but it contains my dto class name with namespace. How to suppress this detail in response?

I am using the following service to convert incoming json request to C# object :

services.AddControllers().AddNewtonsoftJson(s => s.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver());
Improve this question
9
  • 2
    I recommend leaving it, your DTO and its namespace is not a secret but the contract of your API, the client (you) provided an input that violates the specified contract and the error shows that. Commented Oct 1, 2021 at 7:08
  • 2
    Why do you want to suppress it? This is a validation error, not a random exception. but it contains my dto class name with namespace. yes. Those are part of your documentation and your Swagger schema already. If you posted {"Email":"potato"} you'd get a validation message saying that the password field is missing. The request you posted is something that's used by a registration form and any validation problems that aren't caught by the client/browser browser will have to be caught by the server and reported to the browser Commented Oct 1, 2021 at 7:16
  • Besides, if someone wants to sniff your API all they need to do is open that page and use either Fiddler or the browser's Developer Tools Network tab to inspect the requests. Commented Oct 1, 2021 at 7:20
  • 1
    If you still want the error but with a different message, does Custom error response for incorrect json. Dotnet Core Web API answer your question? Commented Oct 1, 2021 at 15:57
  • 1
    @dbc Yes. But I think others also have a valid point. To keep the behaviour as it is. Commented Oct 2, 2021 at 14:18
Related questions
31
how to return json error msg in asp.net web api?
9
Returning JSON Errors from Asp.Net MVC 6 API
3
How to configure .NET Core API to always return JSON
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.