Check out my book "Hands-On RESTful Web Services with ASP.NET Core" available on Amazon or Packt. Source code available on GitHub

You can add this attribute to specific controllers or even as a global attribute to make sure that https is used to secure your Web API:

This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.

This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.
This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.This attirbute inspects a request and checks to see whether it is using HTTPS. If not, an error is returned to the client stating that HTTPS is required.

About Samuele Resca

Samuele Resca is an Microsoft MVP Visual Studio and Development Technologies, Software Engineer, specializing mainly on ASP.NET MVC and in general about everything that revolves around the web. Samuele was born in 1994, and works as a software developer @ YOOX NET-A-PORTER Group He loves the MVC frameworks, ASP.NET MVC, Javascript, Node.js and Typescript.