Viewing .NET configuration values

Ever wanted to see all your configuration values in a .NET app? Ever wrote your own code to enumerate all those values? Me too, and we've both wasted our time! This quick post shows how to use the GetDebugView extension method on IConfigurationRoot which does exactly that. It has changes coming in .NET 7 that I'll show too.

I wasn't aware of this extension method until recently, when I was looking through new API changes coming in .NET 7.

GetDebugView has been around since .NET Core 3.0!

Anyway, now that we've found it, here's how to use it. Given some standard configuration like this:

{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"Password": "Fido123"
}

... anywhere you have access to Configuration, e.g. in your ASPNET startup code, you can get the values with builder.Configuration.GetDebugView();

It shows the values and, crucially, where they came from. Here's a snippet of what it outputs (there's a lot of items as it includes environment variables too):

AllowedHosts=* (JsonConfigurationProvider for 'appsettings.json' (Optional))
ASPNETCORE_ENVIRONMENT=Development (EnvironmentVariablesConfigurationProvider Prefix: '')
Logging:
LogLevel:
Default=Information (JsonConfigurationProvider for 'appsettings.Development.json' (Optional))
Microsoft.AspNetCore=Warning (JsonConfigurationProvider for 'appsettings.Development.json' (Optional))
Password=Fido123 (JsonConfigurationProvider for 'appsettings.json' (Optional))

I won't go any further into the details of how it works, as Andrew Lock has an excellent post that covers all of that.

What's new in .NET 7 then? #

You might've spotted an issue in the output above:

AllowedHosts=* (JsonConfigurationProvider for 'appsettings.json' (Optional))
ASPNETCORE_ENVIRONMENT=Development (EnvironmentVariablesConfigurationProvider Prefix: '')
Logging:
LogLevel:
Default=Information (JsonConfigurationProvider for 'appsettings.Development.json' (Optional))
Microsoft.AspNetCore=Warning (JsonConfigurationProvider for 'appsettings.Development.json' (Optional))
+ Password=Fido123 (JsonConfigurationProvider for 'appsettings.json' (Optional))

You might want to control what gets written, e.g. don't write passwords or secrets.

In .NET 7, there is a new overload:

public static string GetDebugView(
this IConfigurationRoot root,
+ Func<ConfigurationDebugViewContext, string>? processValue)

This new overload allows to you to provide a method that takes a context, e.g. builder.Configuration.GetDebugView(ProcessValue);. In the method that you provide, you can control what gets written, for example:

string ProcessValue(ConfigurationDebugViewContext context)
{
if (context.Key == "Password")
{
return "[REDACTED]";
}

return context.Value ?? "[NULL]";
}

That checks individual keys, but you can also have broader checks, e.g. check which provider the value is coming from:

if (context.ConfigurationProvider.ToString() == nameof(SecretConfigurationProvider))
{
return "[REDACTED]";
}

This allows us to filter sensitive information that shouldn't be written out, e.g. to log files.

What have we seen? #

We've seen that GetDebugView is a very useful method, and that it is becoming more useful in .NET 7. And if you follow the links above, you'll undoubtedly come across comments which, quite rightly, say not to include this information in an HTTP endpoint (even in debug mode!).

🙏🙏🙏

Since you've made it this far, sharing this article on your favorite social media network would be highly appreciated 💖! For feedback, please 🦋 ping me on Bluesky! 🦋

Leave a comment

Comments are moderated, so there may be a short delays before you see it.

Published