App and API Protection capabilities support

The following App and API Protection capabilities are supported in the .NET library, for the specified tracer version:

The minimum tracer version to get all supported App and API Protection capabilities for .NET is 2.42.0.

Note: AAP requires enabling Remote Configuration, which is included in the listed minimum tracer version.

Supported deployment types

Note: Azure App Service is supported for web applications only. App and API Protection capabilities are not supported for Azure Functions.

Language and framework compatibility

Supported .NET versions

These are supported on the following architectures:

• Linux (GNU) x86-64, ARM64
• Alpine Linux (musl) x86-64, ARM64
• macOS (Darwin) x86-64, ARM64
• Windows (msvc) x86, x86-64

Web framework compatibility

• Attacker source HTTP request details
• Tags for the HTTP request (status code, method, etc)
• Distributed Tracing to see attack flows through your applications

App and API Protection capability notes

Data store compatibility

Datastore tracing provides:

• SQL attack detection
• query info (for example, a sanitized query string)
• error and stacktrace capturing

App and API Protection capability notes

• Threat Protection also works at the HTTP request (input) layer, and so works for all databases by default, even those not listed in the table below.

User authentication frameworks compatibility

Integrations to User Authentication Frameworks provides:

• User login events including the user IDs
• User signup events (apps using built-in SignInManager)
• Account Takeover detection monitoring for user login events