Build a GraphQL API with ASP.NET Core

Build a GraphQL API with ASP.NET Core

‘Build an API with GraphQL and ASP.NET Core.’

Ahad L. Amdani

Hello Ibrahim,

Great article, first and foremost. I’ve learned quite a bit from the quick run-down, so I just wanted to drop you a note and say I appreciate the level of detail that went into this article.

Secondly, it appears there is a formatting issue in this article. Directly before the “Secure Your ASP.NET Core GraphQL Application” section, the code ticks seem to be missing to end the code block, thus rendering the next section (until the next set of ending code ticks) as code instead of the proper markdown you’ve supplied.


Dave van Herten

This is an interesting implementation. All of the GraphQL implementations I’ve seen so far have accessed the Entity Framework DB context by adding Service Location within Resolve methods which allows for an instance per request.

This takes a different take on it where a controller is used to build up the schema and execute it allowing the controller to bring in the request scoped DBContext dependency. Despite the service location, this has the advantage of a singleton schema declaration which prevents building it on every request.

The OPs mechanism is essentially trading avoiding service location in favor of building the schema up on every single request. Depending on the size of your schema I like the way this looks, but I’d have to play with it more.

Neat stuff! Thanks for sharing!


Thanks for this tutorial.

Things I did to make the client work and the article forgot to mention:

define postUri
var postUri = “https://localhost:5001/graphql”;

added access_token to the scopes of the default authorization server in the admin page of okta.
This solved the badrequest I got:

BadRequest {“error”:“invalid_scope”,“error_description”:“One or more scopes are not configured for the authorization server resource.”}


How to solve HttpRequestException:The SSL connection could not be established.
The remote certificate is invalid according to the validation procedure.

Btw my should i get a custom ? what’s the point of having number that seems random to be the same for everyone?


See the part about trusting a certificate:…

Or simply disable the useHttps middelware and change https to http in your client code


Your domain is automatically placed into blog posts if you’re logged into Okta. The blog post itself just has a placeholder in it.


Thanks for article. Everything works except the data returns with extra “$id” which is the id of graphQL and I have no idea how to exclude this field.

Peter Kellner

No repo?


I’m afraid not.

Peter Kellner

Thanks, I’m just learning graphql with core 3 and slowly pasting in code. There does seem to be some syntax mistakes that would make the code never actually work but not 100% sure yet.


Nice article ! Thanks !

Below I add some things that are needed for running it actually:

1. At the… we have to add an Id for both Author and for the Books.

2. At the same point as in 1,…, we have to call ToString on authorDbEntry.Entity.Id, since the later returns an int and AuthorId is of type string.

3. We have to add the packages in the attached screenshot https://uploads.disquscdn.c… along with the packages mentioned in the post.

4. We have to go to the Okta dev portal and the go to API → Authorization Servers → Default (The one we have created in the early stage of this post) → Scopes → Add Scope and add scope with the name access_token. Pls check the attached screenshot https://uploads.disquscdn.c…


A bit late to the party - but this may be the repo:…

Daniel Brown

Thanks for the tutorial! Question, How do you add multiple Queries to the GraphQLController Schema object? For instance if I have a bookQuery.cs and an authorQuery.cs and a… categoryQuery.cs class and want to be able to query all of those, how would I go about adding those in the GraphQL Controller as well?