![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 30%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,595 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 9%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECD%3C/text%3E%3C/svg%3E)
Hi @Arnold Mendoza ,
If you don't want to use identity for authentication, the authentication in the Blazor server application can be done by registering a cookie or JWT authentication handler. Because the Blazor server runs in an ASP.NET Core application, cookie authentication is simpler. You can do this by adding Cookie AuthenticationHandler to the ConfigureServices method in Startup.cs:
services.AddAuthentication()
.AddCookies();
You then also need to instruct the Middleware to inspect incoming Request wheter they have a valid Cookie so that then the ClaimsPrincipal property on the HttpContext can be set:
app.UseAuthentication();
By using this configuration every User that requests your app with a Cookie you issued to them by calling SignInAsync from a controller is authenticated. You cant append a Cookie to a Http response inside a Razor Component because the Response has already finished (all changes are send over the WebSockets Connection). You then can use the built in AuthorizeView component to only render content to authenticated users. Without further configuration every user that you issued a cookie to is authenticated.
You can also use JWT authentication. As it is the case with Cookies ASP.NET Core has also built-in middleware to achieve that. In such case I would build a custom AuthenticationProvider that implements the abstract class AuthenticationStateProvider. Inside the GetAuthenticationStateAsync() method you retrieve the token from LocalStorage. You then need to check its validity so the according AuthenticationState can be returned (Its has a property of type ClaimsPrincipal).
You can build your own Authorization Filter and check for the tokens validity.
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best Regards,
ChaoDeng
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 7.000000000000001%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)