Quickstarters
How to Build a Backend for ASP.NET Core?

33min
Introduction
In this tutorial, you’ll learn how to build a backend for ASP.NET Core using Back4App. 
By integrating Back4App’s essential features—such as database management, Cloud Code, REST and GraphQL APIs, user authentication, and real-time queries—you’ll gain a complete backend solution for your ASP.NET Core applications. 
This approach supports building scalable web applications, handling server side logic with minimal setup.
With Back4App, you can speed up backend development for your ASP.NET Core project. You'll take advantage of an open source platform that supports a reliable web api infrastructure, database connectivity, and robust cloud functions. 
By the end of this tutorial, you’ll have a working foundation for a secure and extensible backend that offers improved user experiences and handles real time data. You can then extend your net core solution or integrate it with other services as needed.
Prerequisites
A Back4App account and a new Back4App project
Getting Started with Back4app.
If you do not have an account, you can create one for free.
ASP.NET Core Development Environment
Ensure you have the .NET SDK (version 6.0 or above) installed. Download .NET﻿
Familiarity with C# and ASP.NET Core
Official ASP.NET Core Docs.﻿
Optional: If you plan to use Parse .NET SDK, you’ll need Parse-SDK-dotNET or references in your .csproj file.
Ensure you have all of these prerequisites in place before you begin. Having your Back4App project and ASP.NET Core environment ready will make the steps much easier to follow.
Step 1 – Creating a New Project on Back4App and Connecting
Why This Step?
Your ASP.NET Core backend begins with a Back4App project. This project is your server-side foundation, managing your database, security rules, and app settings.
Creating the Project
Log in to your Back4App account.
Click “New App” from your dashboard.
Name your app (e.g., “AspNetCore-Backend-Tutorial”).
﻿
After creation, you’ll see it listed on your dashboard. This new app is your main hub for backend development tasks.
Installing the Parse .NET SDK (Optional)
While you can use REST API or GraphQL directly, the Parse .NET SDK can simplify data operations in your ASP.NET Core solutions. If you want to integrate it:
Add the Parse SDK to your .csproj or via NuGet Package Manager:
Initialize the SDK in your ASP.NET Core application (e.g., Program.cs or Startup.cs):
Replace the placeholders with credentials from your Back4App app’s “App Settings” > “Security & Keys.” This connects your asp.net core project to Back4App’s server side environment.
Step 2 – Setting Up the Database
1. Creating a Data Model
Use the Back4App dashboard to define your class schema. For example, a Todo class with columns like title (String) and isCompleted (Boolean):
Create New Class
﻿
2. Creating a Data Model Using the AI Agent
Open the AI Agent in your Back4App dashboard and describe your data model. For example, “Create a new ToDo class for my asp.net core applications.” The AI Agent then sets up the schema for you.
﻿
3. Reading and Writing Data Using the Parse .NET SDK
Here’s how you might create and fetch Todo items in C#:
C#
using Parse;

// Create a new Todo
public async Task<ParseObject> CreateTodo(string title, bool isCompleted)
{
    var todo = new ParseObject("Todo")
    {
        { "title", title },
        { "isCompleted", isCompleted }
    };

    return await todo.SaveAsync();
}

// Fetch all Todos
public async Task<IEnumerable<ParseObject>> FetchTodos()
{
    var query = new ParseQuery<ParseObject>("Todo");
    return await query.FindAsync();
}
using Parse;

// Create a new Todo
public async Task<ParseObject> CreateTodo(string title, bool isCompleted)
{
    var todo = new ParseObject("Todo")
    {
        { "title", title },
        { "isCompleted", isCompleted }
    };

    return await todo.SaveAsync();
}

// Fetch all Todos
public async Task<IEnumerable<ParseObject>> FetchTodos()
{
    var query = new ParseQuery<ParseObject>("Todo");
    return await query.FindAsync();
}
﻿
4. Reading and Writing Data Using REST API
Alternatively, you can use a REST API approach:
Bash
curl -X POST \
  -H "X-Parse-Application-Id: YOUR_APPLICATION_ID" \
  -H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"title": "Buy groceries", "isCompleted": false}' \
  https://parseapi.back4app.com/classes/Todo
curl -X POST \
  -H "X-Parse-Application-Id: YOUR_APPLICATION_ID" \
  -H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"title": "Buy groceries", "isCompleted": false}' \
  https://parseapi.back4app.com/classes/Todo
﻿
5. Reading and Writing Data Using GraphQL API
To use GraphQL, send queries or mutations to the Back4App GraphQL endpoint:
GraphQL
mutation {
  createTodo(input: {
    fields: {
      title: "Clean the house"
      isCompleted: false
    }
  }) {
    todo {
      objectId
      title
      isCompleted
    }
  }
}
mutation {
  createTodo(input: {
    fields: {
      title: "Clean the house"
      isCompleted: false
    }
  }) {
    todo {
      objectId
      title
      isCompleted
    }
  }
}
﻿
6. Working with Live Queries
Enable real time updates by turning on Live Queries in your dashboard (under Server Settings). Then use the .NET or WebSocket approach to subscribe. This keeps data fresh in your web application without extra calls.
Step 3 – Applying Security with ACLs and CLPs
ACLs and CLPs Overview
ACLs (Access Control Lists) secure individual objects. CLPs (Class-Level Permissions) secure entire classes. This layered approach keeps data safe in your asp.net core environment.
﻿
Setting Up Class-Level Permissions
Open the Database tab in your Back4App dashboard.
Select the Todo class.
Click Class-Level Permissions.
Customize read/write for public or authenticated roles.
Configuring ACLs in Code
With the Parse .NET SDK, you can set ACLs at object level:
C#
var todo = new ParseObject("Todo")
{
    { "title", "Private Task" }
};

// Restrict read/write to only a particular user
var acl = new ParseACL();
acl.SetPublicReadAccess(false);
acl.SetPublicWriteAccess(false);
acl.SetReadAccess(user.ObjectId, true);
acl.SetWriteAccess(user.ObjectId, true);

todo.ACL = acl;
await todo.SaveAsync();
var todo = new ParseObject("Todo")
{
    { "title", "Private Task" }
};

// Restrict read/write to only a particular user
var acl = new ParseACL();
acl.SetPublicReadAccess(false);
acl.SetPublicWriteAccess(false);
acl.SetReadAccess(user.ObjectId, true);
acl.SetWriteAccess(user.ObjectId, true);

todo.ACL = acl;
await todo.SaveAsync();
﻿
Step 4 – Writing Cloud Code Functions
Why Cloud Code?
Cloud Code runs on Back4App’s server side. This is ideal for validations, triggers, or additional logic for your asp.net core project. You can keep sensitive processes secure and off the client.
Example Cloud Function
JS
// main.js example
Parse.Cloud.define('calculateTextLength', async (request) => {
  const { text } = request.params;
  if (!text) {
    throw new Error('No text provided');
  }
  return { length: text.length };
});
// main.js example
Parse.Cloud.define('calculateTextLength', async (request) => {
  const { text } = request.params;
  if (!text) {
    throw new Error('No text provided');
  }
  return { length: text.length };
});
﻿
Deployment
Deploy Cloud Code via:
Back4App CLI: b4a deploy
Dashboard: Paste code into Cloud Code > Functions and click Deploy.
﻿
Calling Cloud Functions
In .NET:
C#
public async Task<Dictionary<string, object>> GetTextLength(string text)
{
    var parameters = new Dictionary<string, object> { { "text", text } };
    var result = await ParseCloud.CallFunctionAsync<Dictionary<string, object>>("calculateTextLength", parameters);
    return result;
}
public async Task<Dictionary<string, object>> GetTextLength(string text)
{
    var parameters = new Dictionary<string, object> { { "text", text } };
    var result = await ParseCloud.CallFunctionAsync<Dictionary<string, object>>("calculateTextLength", parameters);
    return result;
}
﻿
Or via REST:
Bash
curl -X POST \
  -H "X-Parse-Application-Id: YOUR_APP_ID" \
  -H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"text": "Hello Back4App"}' \
  https://parseapi.back4app.com/functions/calculateTextLength
curl -X POST \
  -H "X-Parse-Application-Id: YOUR_APP_ID" \
  -H "X-Parse-REST-API-Key: YOUR_REST_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"text": "Hello Back4App"}' \
  https://parseapi.back4app.com/functions/calculateTextLength
﻿
Step 5 – Configuring Authentication
Enable User Authentication
ASP.NET Core can manage its own identity. But if you prefer, you can offload it to Parse’s User class. Back4App handles password hashing, rest api sessions, and other security details.
C#
// Sign Up
public async Task SignUpUser(string username, string password, string email)
{
    var user = new ParseUser
    {
        Username = username,
        Password = password,
        Email = email
    };

    await user.SignUpAsync();
}

// Log In
public async Task<ParseUser> LogInUser(string username, string password)
{
    return await ParseUser.LogInAsync(username, password);
}
// Sign Up
public async Task SignUpUser(string username, string password, string email)
{
    var user = new ParseUser
    {
        Username = username,
        Password = password,
        Email = email
    };

    await user.SignUpAsync();
}

// Log In
public async Task<ParseUser> LogInUser(string username, string password)
{
    return await ParseUser.LogInAsync(username, password);
}
﻿
Social Login
Integrate Facebook, Google, or other providers if desired by configuring OAuth settings in the Back4App dashboard. Refer to Social Login Docs.﻿
Step 6 – Handling File Storage
Uploading Files
Use ParseFile to upload images or documents:
C#
public async Task<ParseFile> UploadImage(byte[] fileBytes, string fileName)
{
    var parseFile = new ParseFile(fileName, fileBytes);
    await parseFile.SaveAsync();
    return parseFile;
}
public async Task<ParseFile> UploadImage(byte[] fileBytes, string fileName)
{
    var parseFile = new ParseFile(fileName, fileBytes);
    await parseFile.SaveAsync();
    return parseFile;
}
﻿
File Security
Configure file uploads at App Settings > Security & Keys, adjusting who can upload or access files. This protects user data in your web application.
Step 7 – Email Verification and Password Reset
Why It Matters
Email verification ensures users own the email provided. Password reset is crucial for a secure user experience in your asp.net core solutions.
Enable It on Back4App
Go to Email Settings in your Back4App dashboard.
Turn on Enable email verification.
Adjust the password reset template to match your branding.
Step 8 – Scheduling Tasks with Cloud Jobs
Automate Background Tasks
Use Cloud Jobs to run recurring tasks, like deleting old data or sending reminders. For example, cleanupOldTodos:
JS
// main.js
Parse.Cloud.job('cleanupOldTodos', async (request) => {
  const Todo = Parse.Object.extend('Todo');
  const query = new Parse.Query(Todo);

  const now = new Date();
  const THIRTY_DAYS = 30 * 24 * 60 * 60 * 1000;
  const cutoff = new Date(now - THIRTY_DAYS);

  query.lessThan('createdAt', cutoff);
  const oldTodos = await query.find({ useMasterKey: true });
  await Parse.Object.destroyAll(oldTodos, { useMasterKey: true });
  return `Deleted ${oldTodos.length} old Todos.`;
});
// main.js
Parse.Cloud.job('cleanupOldTodos', async (request) => {
  const Todo = Parse.Object.extend('Todo');
  const query = new Parse.Query(Todo);

  const now = new Date();
  const THIRTY_DAYS = 30 * 24 * 60 * 60 * 1000;
  const cutoff = new Date(now - THIRTY_DAYS);

  query.lessThan('createdAt', cutoff);
  const oldTodos = await query.find({ useMasterKey: true });
  await Parse.Object.destroyAll(oldTodos, { useMasterKey: true });
  return `Deleted ${oldTodos.length} old Todos.`;
});
﻿
Set the schedule under Server Settings > Background Jobs in the Back4App dashboard.
Step 9 – Integrating Webhooks
Using Webhooks
Webhooks let your asp.net core backend call external services whenever data changes. For instance, notify a Slack channel when a new Todo is created.
Navigate to Webhooks under More > WebHooks.
Add a new endpoint.
Choose the event (e.g., create Todo).
Adding a Webhook
﻿
Step 10 – Exploring the Back4App Admin Panel
Overview
The Back4App Admin App helps non-technical users manage data (CRUD) without accessing code. It’s model-centric and straightforward.
Enable it under App Dashboard > More > Admin App > Enable Admin App:
Enable Admin App
﻿
Create an Admin user and pick a subdomain. Then log in with your new credentials:
﻿
With Admin App, you and your team can handle essential data tasks quickly, boosting collaboration and freeing development time.
Conclusion
You’ve learned how to build a backend for ASP.NET Core using Back4App to streamline data, security, and functionality. By combining an open source platform with your net core skills, you now have:
A scalable database structure with ACLs and CLPs.
Real time Live Queries for instant data updates.
Cloud Code for secure server-side logic.
Integrated web api endpoints for your web development flow.
Automated Cloud Jobs and webhooks to extend your backend.
An easy-to-use Admin Panel for managing data.
With these foundations in place, you can develop full-fledged asp.net core applications that deliver top-notch user experiences and handle large-scale traffic effortlessly.
Next Steps
Go production: Harden security rules, optimize performance, and leverage Back4App analytics.
Add advanced features: Experiment with roles, role-based access, or 3rd-party APIs (e.g., Stripe, Slack).
Dive deeper into Cloud Code: Write custom triggers, integrate with external services, or handle complex workflows.
Review official Back4App docs: Back4App Documentation offers guidance on advanced usage.
Expand your ASP.NET Core project with richer MVC patterns, microservices, or specialized authentication flows.
﻿
Updated 16 Jan 2025
Did this page help you?
How to Build a Backend for NativeScript?
How to Build a Backend for C#?