question

MichaelPrattinger-0580 avatar image
0 Votes"
MichaelPrattinger-0580 asked Bruce-SqlWork answered

MSAL with Blazor Server and Web API

Hello everyone,

we have a blazor server site with msal authentication. We now want to expose a webapi from the same site/application. Is there a way to secure the webapi with msal and aad too?

thanks in advance,
r Michael

dotnet-aspnet-core-blazordotnet-aspnet-core-webapiazure-ad-libraries
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

BrandoZhang-MSFT avatar image
0 Votes"
BrandoZhang-MSFT answered BrandoZhang-MSFT edited

As far as I know, MSAL.NET (Microsoft.Identity.Client) is an authentication library which enables you to acquire tokens from Azure AD, to access protected Web APIs (Microsoft APIs or applications registered with Azure Active Directory). MSAL.NET is available on several .NET platforms. That means MASL is a library to acquire tokens from Azure AD. If you want to protect an web api, you should refer to this article.

If you want to use MSAL to get token and access API, you could refer to this article's sample to get how to do it.

If you want to know how to use AAD protect your web api, you could refer to this article's sample.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

The website is already protected by msal.
I now want to expose an api reusing some of the features of the website

0 Votes 0 ·

In my opinion, I suggest you could try to write a command class library if you want to reuse some blazor application's codes into web api. We don't suggest you build these two site at same web application. Normally, the web api will not be used for just one application. If your blazor application has been down, other application could also send request to this web api to get the right response. If above opinion will not affect your application, you could mix both blazor and web api inside same application, it could work.

0 Votes 0 ·
Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered MichaelPrattinger-0580 commented

I would not mix a blazor server with a webapi. The blazor server has persistent connections to each client, and a large amount of state information for each client in memory. as all the blazor logic is running on the server, you may have hi cpu if you have any number of users.




· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,

thanks for the answer. What we are planning, is to expose an api of our existing blazor server to access data on devices and windows apps.

I am not concerned about the cpu/memory load as this is a intranet website in our company.

Is it generally possible?

Thanks

0 Votes 0 ·
Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered

your authentication setup is not clear. typically with Blazor server you would be using cookie authentication and with a webapi bearer tokens. msal is client library that uses bearer tokens, so if you are using msal, then you are already are using them.

anyway just google asp.net core cookie and bearer token authentication for configuration examples.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.