The requested page is not available for the requested platform. You are viewing the content for Default platform.

Connect the XPO Profiler to an ASP.NET Core Application

This topic describes how to profile ASP.NET Core applications using the XPO Profiler.

Connection Setup

  • Create the following controller:

    using DevExpress.Xpo.Logger; 
    using Microsoft.AspNetCore.Mvc; 
    // ...
    public class XpoLoggerController : Controller { 
        readonly static LoggerBase logger = new LoggerBase(50000); 
        static XpoLoggerController() { 
        public LogMessage[] GetCompleteLog() { 
            return logger.GetCompleteLog(); 
        public LogMessage GetMessage() { 
            return logger.GetMessage(); 
        public LogMessage[] GetMessages(int messagesAmount) { 
            return logger.GetMessages(messagesAmount); 
  • Run the XPO Profiler. Click File | New. In the New Host dialog, supply the following parameters:

    Parameter Value
    Binding type Select "WebApi" in the drop-down list.
    Server name Specify the hostname. The HTTP protocol is used by default. To use HTTPS, add the protocol prefix to the hostname (for example, "https://myserver").
    Port Specify the web site's port number.
    Path Specify the path to the controller (demonstrated in the first step) that corresponds to the web application (for example, "XpoLogger").

    XPO Profiler - Web API Binding

  • Click Test to test the connection.

Authentication Setup

XPO Profiler supports the following authentication types when using WebAPI binding:

Authentication Type Description Authentication Dialog
Anonymous Your web application should provide a anonymous access to the controller demonstrated in the Connection Setup section. None
Basic XPO profiler displays the Authentication dialog where you can specify the login and password. XPO Profiler - Auth By LoginPassword
Token-Based XPO profiler displays the Authentication dialog where you can specify the authentication token. Your web application should implement a custom authentication handler (see the section below for details). XPO Profiler - Auth By Token

Token-Based Authentication

  • Implement the following XpoProfilerTokenHandler authentication handler:

    using Microsoft.AspNetCore.Authentication;
    // ...
    class XpoProfilerTokenHandler : AuthenticationHandler<AuthenticationSchemeOptions>, IAuthenticationHandler {
        const string ValidToken = "xpoxpo";
        public const string AuthScheme = "XpoProfilerToken";
        public XpoProfilerTokenHandler(IOptionsMonitor<AuthenticationSchemeOptions> options,
        ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) { }
        protected override Task<AuthenticateResult> HandleAuthenticateAsync() {
            return Task.Run(() => {
                string header = Context.Request.Headers["Authorization"].FirstOrDefault(h => h.StartsWith(AuthScheme));
                if(header != null) {
                    string token = header.Substring(AuthScheme.Length + 1);
                    if(token == ValidToken) {
                        var principal = new ClaimsPrincipal(new ClaimsIdentity(null, AuthScheme));
                        return AuthenticateResult.Success(new AuthenticationTicket(principal, AuthScheme));
                return AuthenticateResult.NoResult();

    The XpoProfilerTokenHandler.ValidToken constant value ("xpoxpo" in this example) is a token that you should specify in the XPO Profiler's Authentication dialog to connect to your web application. Replace "xpoxpo" with a custom secret token string for security purposes.

  • Register your custom authentication handler in the Startup.ConfigureServices method declared in the Startup.cs file.

    public void ConfigureServices(IServiceCollection services) {
            .AddAuthentication( /*your default authentication_scheme*/)
            .AddScheme<AuthenticationSchemeOptions, XpoProfilerTokenHandler>(XpoProfilerTokenHandler.AuthScheme, null);
  • Apply the Authorize attribute to your XpoLoggerController class (demonstrated in the Connection Setup section).

    using Microsoft.AspNetCore.Authorization;
    // ...
    [Authorize(AuthenticationSchemes = XpoProfilerTokenHandler.AuthScheme)]
    public class XpoLoggerController : Controller {
        // ...