Skill

configuration

Provides .NET configuration patterns: Options pattern with validation, IOptions/IOptionsSnapshot/IOptionsMonitor injection, secrets management, environment variables. Use for appsettings, connection strings, config binding.

.NET

backend

security

npx claudepluginhub codewithmukesh/dotnet-claude-kit --plugin dotnet-claude-kit

Popularity

Stars

351

Forks

Shared by

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/dotnet-claude-kit:configuration

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

1. **Options pattern always** — Never read `IConfiguration` directly in services. Bind configuration sections to strongly-typed classes with validation.

SKILL.md

198 lines · ~1.4k tokens

Similar Skills

microsoft-extensions-configuration

Configuration patterns using Microsoft.Extensions.Configuration. Covers configuration providers, binding, validation, and best practices for .NET applications. Use when setting up configuration in .NET applications, implementing configuration validation with IValidateOptions, or managing settings across different environments.

dotnet-skills

dotnet-options-pattern

Implements the .NET Options pattern for strongly-typed configuration with IOptions<T>, IOptionsSnapshot<T>, and IOptionsMonitor<T> including validation and reload support.

dotnet-clean-architecture-skills

dotnet-backend-patterns

35.6k

Provides .NET backend patterns for APIs, MCP servers, and enterprise apps: clean architecture, DI, EF Core, Dapper, Redis caching, IOptions config, and xUnit testing.

4 files

dotnet-contribution

Stats

LanguageC#

Stars351

Forks85

MaintenanceExcellent

Last CommitMar 24, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

Configuration

Core Principles

Options pattern always — Never read IConfiguration directly in services. Bind configuration sections to strongly-typed classes with validation.
Validate on startup — Use ValidateDataAnnotations() and ValidateOnStart() to catch misconfiguration before the first request.
Secrets never in source — Use user secrets in development, Azure Key Vault or environment variables in production. Never commit secrets to git.
Configuration layering — appsettings.json → appsettings.{Environment}.json → environment variables → user secrets. Later sources override earlier ones.

Patterns

Options Pattern

// Options class with validation attributes
public class DatabaseOptions
{
    public const string SectionName = "Database";

    [Required]
    public required string ConnectionString { get; init; }

    [Range(1, 100)]
    public int MaxRetryCount { get; init; } = 3;

    [Range(1, 60)]
    public int CommandTimeoutSeconds { get; init; } = 30;
}

// Registration with validation
builder.Services.AddOptions<DatabaseOptions>()
    .BindConfiguration(DatabaseOptions.SectionName)
    .ValidateDataAnnotations()
    .ValidateOnStart(); // Fails at startup if configuration is invalid

// appsettings.json
{
  "Database": {
    "ConnectionString": "",
    "MaxRetryCount": 3,
    "CommandTimeoutSeconds": 30
  }
}

Injecting Options

// IOptions<T> — singleton, read once at startup, doesn't change
public class OrderService(IOptions<DatabaseOptions> options)
{
    private readonly DatabaseOptions _db = options.Value;
}

// IOptionsSnapshot<T> — scoped, re-reads per request (for reloadable config)
public class OrderService(IOptionsSnapshot<DatabaseOptions> options)
{
    private readonly DatabaseOptions _db = options.Value;
}

// IOptionsMonitor<T> — singleton, actively watches for changes
public class BackgroundWorker(IOptionsMonitor<WorkerOptions> options)
{
    public void DoWork()
    {
        var current = options.CurrentValue; // Always latest
    }
}

Custom Validation (Complex Rules)

builder.Services.AddOptions<JwtOptions>()
    .BindConfiguration("Jwt")
    .Validate(options =>
    {
        if (string.IsNullOrEmpty(options.Key) || options.Key.Length < 32)
            return false;
        if (options.ExpirationMinutes <= 0)
            return false;
        return true;
    }, "JWT key must be at least 32 characters and expiration must be positive")
    .ValidateOnStart();

Azure Key Vault (Production)

// Program.cs — add Key Vault as a configuration source
if (builder.Environment.IsProduction())
{
    var keyVaultUri = new Uri(builder.Configuration["KeyVault:Uri"]!);
    builder.Configuration.AddAzureKeyVault(keyVaultUri, new DefaultAzureCredential());
}

Configuration for Multiple Environments

// Named options — different config per named instance
builder.Services.AddOptions<SmtpOptions>("internal")
    .BindConfiguration("Smtp:Internal");
builder.Services.AddOptions<SmtpOptions>("customer")
    .BindConfiguration("Smtp:Customer");

// Usage
public class EmailService(IOptionsSnapshot<SmtpOptions> options)
{
    public async Task SendInternalEmail(string to, string body)
    {
        var smtp = options.Get("internal");
        // ...
    }
}

Anti-patterns

Don't Read IConfiguration Directly

// BAD — stringly-typed, no validation, hard to test
public class OrderService(IConfiguration config)
{
    public void Process()
    {
        var timeout = int.Parse(config["Database:CommandTimeout"]!);
    }
}

// GOOD — strongly-typed options
public class OrderService(IOptions<DatabaseOptions> options)
{
    public void Process()
    {
        var timeout = options.Value.CommandTimeoutSeconds;
    }
}

Don't Put Secrets in appsettings.json

// BAD — committed to source control
{
  "Jwt": { "Key": "super-secret-key" },
  "Database": { "ConnectionString": "Server=prod;Password=secret" }
}

// GOOD — appsettings.json has defaults/structure only
{
  "Jwt": { "Key": "", "Issuer": "myapp", "Audience": "myapp" },
  "Database": { "ConnectionString": "" }
}
// Secrets provided via user-secrets (dev) or env vars / Key Vault (prod)

Don't Skip Startup Validation

// BAD — misconfiguration discovered at runtime
builder.Services.Configure<JwtOptions>(builder.Configuration.GetSection("Jwt"));

// GOOD — fail fast at startup
builder.Services.AddOptions<JwtOptions>()
    .BindConfiguration("Jwt")
    .ValidateDataAnnotations()
    .ValidateOnStart();

Decision Guide

Scenario	Recommendation
Binding config to class	Options pattern with `BindConfiguration`
Simple, immutable config	`IOptions<T>`
Config that changes per request	`IOptionsSnapshot<T>`
Background service watching config	`IOptionsMonitor<T>`
Development secrets	`dotnet user-secrets`
Production secrets	Azure Key Vault or environment variables
Validating config	`ValidateDataAnnotations()` + `ValidateOnStart()`
Multiple configs of same type	Named options with `IOptionsSnapshot<T>.Get(name)`

configuration

Popularity

Invocation

Context Preview

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

configuration

Popularity

Invocation

Context Preview

SKILL.md

Configuration

Core Principles

Patterns

Options Pattern

Injecting Options

Custom Validation (Complex Rules)

Azure Key Vault (Production)

Configuration for Multiple Environments

Anti-patterns

Don't Read IConfiguration Directly

Don't Put Secrets in appsettings.json

Don't Skip Startup Validation

Decision Guide

Similar Skills

Help us improve

Configuration

Core Principles

Patterns

Options Pattern

Injecting Options

Custom Validation (Complex Rules)

Azure Key Vault (Production)

Configuration for Multiple Environments

Anti-patterns

Don't Read IConfiguration Directly

Don't Put Secrets in appsettings.json

Don't Skip Startup Validation

Decision Guide