What are the levels at which filters can be applied in ASP .Net MVC C#?

In an ASP.NET MVC application, filters can be applied at three different levels to control the behavior of controllers and action methods. These levels determine the scope of filter application, from specific methods to the entire application.

• Action Method Level − Applies only to a specific action method
• Controller Level − Applies to all action methods within a controller
• Global Level − Applies to all controllers and action methods in the application

Action Method Level

Filters applied at the action method level work only for that specific action method. This provides fine-grained control over individual actions −

using System.Web.Mvc;

namespace DemoMvcApplication.Controllers
{
    public class HomeController : Controller
    {
        [Authorize] // Action Method Level - applies only to Index
        public string Index()
        {
            return "Index Invoked";
        }
        
        public string About()
        {
            return "About Invoked"; // No authorization required
        }
    }
}

Controller Level

Controller level filters are applied to all action methods within that controller. The filter affects every action in the controller but does not impact other controllers −

using System.Web.Mvc;

namespace DemoMvcApplication.Controllers
{
    [Authorize] // Controller Level - applies to all actions in HomeController
    public class HomeController : Controller
    {
        public string Index1()
        {
            return "Index1 Invoked";
        }
        
        public string Index2()
        {
            return "Index2 Invoked";
        }
    }
    
    public class ProductController : Controller
    {
        public string List()
        {
            return "Product List"; // Not affected by HomeController's filter
        }
    }
}

Global Level

Global level filters are configured in the Application_Start event and apply to all controllers and action methods throughout the application. These filters are registered using the FilterConfig.RegisterGlobalFilters() method −

using System.Web;
using System.Web.Mvc;
using System.Web.Optimization;
using System.Web.Routing;

public class MvcApplication : System.Web.HttpApplication
{
    protected void Application_Start()
    {
        AreaRegistration.RegisterAllAreas();
        FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
        RouteConfig.RegisterRoutes(RouteTable.Routes);
        BundleConfig.RegisterBundles(BundleTable.Bundles);
    }
}

public class FilterConfig
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute()); // Global error handling
        filters.Add(new AuthorizeAttribute()); // Global authorization
    }
}

Filter Execution Order

Common Use Cases

• Global Level − Error handling, logging, authentication for entire application
• Controller Level − Authorization for admin controllers, caching for data controllers
• Action Method Level − Specific validation, custom authorization for sensitive operations

Conclusion

ASP.NET MVC filters can be applied at three levels: action method, controller, and global. Understanding these levels helps you apply the right filter at the appropriate scope, ensuring proper separation of concerns and maintainable code architecture.