---
title: .NET Compatibility Requirements
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > App and API Protection > Enabling App and API
  Protection > Compatibility Requirements > .NET Compatibility Requirements
---

# .NET Compatibility Requirements

{% callout %}
# Important note for users on the following Datadog sites: app.ddog-gov.com

{% alert level="danger" %}
This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). ().
{% /alert %}

{% /callout %}

## App and API Protection capabilities support{% #app-and-api-protection-capabilities-support %}

The following App and API Protection capabilities are supported in the .NET library, for the specified tracer version:

| App and API Protection capability      | Minimum .NET tracer version |
| -------------------------------------- | --------------------------- |
| Threat Detection                       | 2.23.0                      |
| Threat Protection                      | 2.26.0                      |
| Customize response to blocked requests | 2.27.0                      |
| Automatic user activity event tracking | 2.32.0                      |
| API Security                           | 2.42.0                      |

The minimum tracer version to get all supported App and API Protection capabilities for .NET is 2.42.0.

**Note**: AAP requires enabling [Remote Configuration](https://docs.datadoghq.com/tracing/guide/remote_config.md), which is included in the listed minimum tracer version.

### Supported deployment types{% #supported-deployment-types %}

| Type              | Threat Detection support |
| ----------------- | ------------------------ |
| Docker            | yes                      |
| Kubernetes        | yes                      |
| Amazon ECS        | yes                      |
| AWS Fargate       | yes                      |
| AWS Lambda        | yes                      |
| Azure App Service | yes                      |

**Note**: Azure App Service is supported for **web applications only**. App and API Protection capabilities are not supported for Azure Functions.

## Language and framework compatibility{% #language-and-framework-compatibility %}

### Supported .NET versions{% #supported-net-versions %}

| .NET Framework Version | Microsoft End of Life | Support level | Package version |
| ---------------------- | --------------------- | ------------- | --------------- |
| 4.8                    | GA                    | latest        |
| 4.7.2                  | GA                    | latest        |
| 4.7                    | GA                    | latest        |
| 4.6.2                  | GA                    | latest        |
| 4.6.1                  | 04/26/2022            | GA            | latest          |

These are supported on the following architectures:

- Linux (GNU) x86-64, ARM64
- Alpine Linux (musl) x86-64, ARM64
- macOS (Darwin) x86-64, ARM64
- Windows (msvc) x86, x86-64

### Web framework compatibility{% #web-framework-compatibility %}

- Attacker source HTTP request details
- Tags for the HTTP request (status code, method, etc)
- Distributed Tracing to see attack flows through your applications

##### App and API Protection capability notes{% #app-and-api-protection-capability-notes %}

| Framework         | Threat Detection supported? | Threat Protection supported? |
| ----------------- | --------------------------- | ---------------------------- |
| ASP.NET MVC       | yes                         | yes                          |
| ASP.NET Web API 2 | yes                         | yes                          |

{% alert level="info" %}
If you don't see your framework of choice listed, let us know! Fill out [this short form to send details](https://forms.gle/gHrxGQMEnAobukfn7).
{% /alert %}

### Data store compatibility{% #data-store-compatibility %}

**Datastore tracing provides:**

- SQL attack detection
- query info (for example, a sanitized query string)
- error and stacktrace capturing

##### App and API Protection capability notes{% #app-and-api-protection-capability-notes-1 %}

- **Threat Protection** also works at the HTTP request (input) layer, and so works for all databases by default, even those not listed in the table below.

| Framework  | Threat Detection supported? | Threat Protection supported? |
| ---------- | --------------------------- | ---------------------------- |
| OracleDB   | yes                         | yes                          |
| ADO.NET    | yes                         | yes                          |
| SQL Server | yes                         | yes                          |
| MySQL      | yes                         | yes                          |
| SQLite     | yes                         | yes                          |

### User authentication frameworks compatibility{% #user-authentication-frameworks-compatibility %}

Integrations to **User Authentication Frameworks provides:**

- User login events including the user IDs
- User signup events (apps using built-in SignInManager)
- Account Takeover detection monitoring for user login events

| Framework        |
| ---------------- |
| \> .Net Core 2.1 |