This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 31%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
Hello, As we know when we create an application using Blazor Web App Template in .Net 8, we get project one for Server and another one for Client. so how azure authentication will apply/configure in this application.
More simply I just wanted know where I need to add Azure Authority,Client Id,Teanent Id etc. Then if this stuff in Server then what services or configuration i need to done in Program.cs of server and on other hand in Program.cs of Client and how i can implement Login and logout functionality in .NET 8 Blazor web app with using Auto render mode for per page interactivity ?
@Kuldeep Y
I wanted to check in and see if you had any other questions or if you were able to resolve this issue?
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Hi @Kuldeep Y
Following up to see if the below answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 84%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
It would be better if there was option to select Azure AD directly similar to MVC Project type
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 65%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
Connecting to Azure Active Directory (Azure AD) in a .NET Blazor app follows the same steps, whether the project server and client blazor app. The process entails utilizing the Microsoft Authentication Library (MSAL) for .NET.
using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Client;
public class Program
{
public static async Task Main(string[] args)
{
var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.RootComponents.Add<App>("#app");
builder.Services.AddScoped(sp => new HttpClient { BaseAddress = new Uri(builder.HostEnvironment.BaseAddress) });
// Add MSAL configuration
builder.Services.AddMsalAuthentication(options =>
{
builder.Configuration.Bind("AzureAd", options.ProviderOptions.Authentication);
});
await builder.Build().RunAsync();
}
}
{
"AzureAd": {
"Authority": "https://login.microsoftonline.com/your-tenant-id",
"ClientId": "your-client-id",
"DefaultScopes": ["openid", "profile", "offline_access"]
}
}
<AuthorizeView>
<Authorized>
<p>Hello, @context.User.Identity.Name!</p>
</Authorized>
<NotAuthorized>
<p>You are not logged in.</p>
</NotAuthorized>
</AuthorizeView>
@inject AuthenticationStateProvider AuthenticationStateProvider
@code {
private ClaimsPrincipal User;
protected override async Task OnInitializedAsync()
{
var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
User = authState.User;
}
}
<p>Welcome, @User.Identity.Name!</p>
This is a simplified example, and you may need to adjust it based on your specific requirements.
@page "/login"
<button @onclick="Login">Login</button>
@code {
private async Task Login()
{
await ((MsalAuthenticationStateProvider)AuthenticationStateProvider).SignIn();
}
}
@page "/logout"
<button @onclick="Logout">Logout</button>
@code {
private async Task Logout()
{
await ((MsalAuthenticationStateProvider)AuthenticationStateProvider).SignOut();
}
}
Include navigation links in your main layout or component to navigate to the login and logout pages. Ensure that you have implemented MsalAuthenticationStateProvider in your application. This provider is responsible for handling sign-in and sign-out actions.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 39%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOT%3C/text%3E%3C/svg%3E)
Hello @Mahesh Deshmane
await ((MsalAuthenticationStateProvider)AuthenticationStateProvider).SignOut();
Could you pls let us know in which package the MsalAuthenticationStateProvider is placed? I failed to find it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 87%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Do we add Microsoft.Identity.Client package to both server and client side projects in web app (as it creates two projects if autorender mode used).
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 67%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Hi @Kuldeep Y, For the first question "where I need to add Azure Authority,Client Id,Teanent Id etc" => You could add this value in the server and clint side appsettings.json file as shown below:
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "<Your-Domain>",
"TenantId": "<Your-Tenant-Id>",
"ClientId": "<Your-Client-Id>",
"CallbackPath": "/signin-oidc"
}
Then if this stuff in Server then what services or configuration i need to done in Program.cs of server and on other hand in Program.cs of Client => Server side Program.cs:
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(AzureADDefaults.BearerAuthenticationScheme)
.AddAzureADBearer(options => Configuration.Bind("AzureAd", options));
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseAuthentication();
// Other middleware
}
Client side Program.cs:
var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.Services.AddMsalAuthentication(options =>
{
builder.Configuration.Bind("AzureAd", options.ProviderOptions.Authentication);
options.ProviderOptions.DefaultAccessTokenScopes.Add("api://<Your-Api-Client-Id>/access_as_user");
});
await builder.Build().RunAsync();
login code:
@page "/login"
@inject NavigationManager Navigation
@inject IAccessTokenProvider TokenProvider
<h3>Login</h3>
<button class="btn btn-primary" @onclick="LoginUser">Login with Azure AD</button>
@code {
private async Task LoginUser()
{
var result = await TokenProvider.RequestAccessToken();
if (result.TryGetToken(out var token))
{
Navigation.NavigateTo("/");
}
else
{
Navigation.NavigateTo(result.RedirectUrl);
}
}
}
logout:
@page "/logout"
@inject NavigationManager Navigation
@inject SignOutSessionStateManager SignOutManager
<h3>Logout</h3>
<button class="btn btn-primary" @onclick="LogoutUser">Logout from Azure AD</button>
@code {
private async Task LogoutUser()
{
await SignOutManager.SetSignOutState();
Navigation.NavigateTo("authentication/logout");
}
}
App.razor for Auto Render Mode:
<Router AppAssembly="@typeof(Program).Assembly">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
<NotAuthorized>
@if (!context.User.Identity.IsAuthenticated)
{
<RedirectToLogin />
}
else
{
<p>You do not have permission to view this page.</p>
}
</NotAuthorized>
</AuthorizeRouteView>
</Found>
<NotFound>
<LayoutView Layout="@typeof(MainLayout)">
<p>Sorry, there's nothing at this address.</p>
</LayoutView>
</NotFound>
</Router>
@code {
private void RedirectToLogin()
{
var returnUrl = Uri.EscapeDataString(new Uri(Navigation.Uri).PathAndQuery);
Navigation.NavigateTo($"login?returnUrl={returnUrl}");
}
}
Best Regards, Jalpa
---If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.