Skip to content
Learn Netverks
0

Should I authenticate Blazor through an API?

asked 15 hours ago by @qa-9huwthbamdalrlnjbaxs 0 rep · 47 views

asp.net core webapi blazor webassembly microsoft entra id

I have a Blazor standalone app and I have an ASP.NET Core web API.

My question is: should I authenticate with EntraId directly from the Blazor app, or is it better to authenticate via the API (i.e. call an endpoint with the username and password and return a JWT which can then be used for auth on the Blazor side)?

My issue is that the Blazor app will need to authenticate with the API anyway, and the API really needs to know the user that is signed in to the web site.

Comments on this question (0)

Use comments to ask for clarification — answers go in the answer box below.

Log in to comment on this question.

2

For a Blazor standalone app with an ASP.NET Core API, the usual approach is to authenticate the user with Entra ID from the Blazor app and then pass the access token to the API. The API should validate that token and use the claims inside it to identify the user.

Avoid sending usernames or passwords to your API and creating your own JWT flow unless you have a very specific reason. You would be taking over responsibilities that Entra ID already handles (MFA, token security, account policies, etc.). The clean pattern is: Blazor authenticates > gets Entra token > calls API with bearer token > API validates token and authorizes the user.

Blake Shah · 0 rep · 15 hours ago

Your answer