Skip to main content

Pass multiple complex objects to Web API action

Working with ASP.NET Web API, the most unexpected thing is the limited support of POST data values to simple ApiController methods.

When a parameter has [FromBody], Web API uses the Content-Type header to select a formatter. At most one parameter is allowed to read from the message body. The reason for this rule is that the request body might be stored in a non-buffered stream that can only be read once.

A simple principle, you can send any content in HTTP request, it only need to be serializable into a string. So, it could be multiple JSON object. In this example, the content type is "application/json" and the request body is a raw JSON string (not a JSON object).

Here I found a workaround to pass multiple complex objects (using the above principle) from jquery to a WEB API using JObject, and then cast back to your required specific object type in api controller. This objects provides a concrete type specifically designed for working with JSON.

var customer = {
"Name": "jhon",
"Id": 1,
var product = {
"Name": "table",
"CategoryId": 5,
"Count": 100
var employee = {
"Name": "Fatih",
"Id": 4,

var combinedObj = {}; 
combinedObj["obj1"] = customer; 
combinedObj["obj2"] = product; 
combinedObj["obj3"] = employee;

type: 'POST',
async: true, 
url: 'api/PostGenericObjects/',
data: JSON.stringify(combinedObj),
success: function (response) {
console.log("Response Data ↓");
error: function (err) {

and then you can get this object in your ApiController

using Newtonsoft.Json.Linq;

public string PostGenericObjects(object obj)
string[] str = GeneralMethods.UnWrapObjects(obj);
var customer = JsonConvert.DeserializeObject<Customer>(str[0]);
var product = JsonConvert.DeserializeObject<Product>(str[1]); 
var employee = JsonConvert.DeserializeObject<Employee>(str[2]);

//... other work....


I have made a generic function to unwrap the complex object, so there is no limitation of number of objects while sending and unwrapping. We can even send more than two objects

public class GeneralMethods
  public static string[] UnWrapObjects(object obj)
    JObject o = JObject.Parse(obj.ToString());

    string[] str = new string[o.Count];

    for (int i = 0; i < o.Count; i++)
      string var = "obj" + (i + 1).ToString();
      str[i] = o[var].ToString();
    return str;

I hope it would help someone. I would be interested to hear from the experts here regarding the pros and cons of using this methodology. Do share your feedback.

Happy Coding!


Popular posts from this blog

Call User-defined Function on Linked Server :SQL Server

If you try to invoke a user-defined function (UDF) through a linked server in SQL Server by using a "four-part naming" convention (server.database.dbo.Function), you may receive error message.  The reason is User-defined function calls inside a four-part linked server query are not supported in SQL Server. Thats why error message indicates that the syntax of a Transact-SQL statement is incorrect.  To work around this problem, use the Openquery function instead of the four-part naming convention. For example, instead of the following query Select * from Linked_Server.database.dbo.Function(10) run a query with the Openquery function: Select * from Openquery(Linked_Server,'select database.dbo.Function(10)') If the user-defined function takes variable or scalar parameters, you can use the sp_executesql stored procedure to avoid this behavior.  For example: exec Linked_Server.database.dbo.sp_executesql N'SELECT database.dbo.Function(@input)',N'@input

Configuring CORS in IIS - Response to preflight request doesn't pass access control check: It does not have HTTP ok status

The Access-Control-Allow-Origin Header Explained – With a CORS Example Often times when calling an API, you may see an error in your console that looks like this: Access to fetch at '' from origin '' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value that is not equal to the supplied origin Add following in <system.webServer> <httpProtocol> <customHeaders> <add name="Access-Control-Allow-Methods" value="*" /> <add name="Access-Control-Allow-Origin" value="*" /> <add name="Access-Control-Allow-Headers" value="*" /> </customHeaders> </system.webServer> After adding the above code in web.config, received the following error in response. .... Has been blocked by CORS policy: Response to preflight request doesn’t pass access control check:

Microsoft SQL Server 2005 Service Pack 3 for Windows 7 (64 bit)

You can download from here Microsoft SQL Server 2005 Service Pack 3 Overview Service Pack 3 for Microsoft SQL Server 2005 is now available. SQL Server 2005 service packs are cumulative, and this service pack upgrades all service levels of SQL Server 2005 to SP3. You can use these packages to upgrade any of the following SQL Server 2005 editions: Enterprise Enterprise Evaluation Developer Standard Workgroup Download Size: 326.0 MB Microsoft SQL Server Management Studio Express Service Pack 3 Overview Microsoft SQL Server Management Studio Express (SSMSE) is a free, easy-to-use graphical management tool for managing SQL Server 2005 Express Edition and SQL Server 2005 Express Edition with Advanced Services. SSMSE can also manage instances of the SQL Server Database Engine created by any edition of SQL Server 2005. Note: SSMSE cannot manage SQL Server Analysis