Rocio  O'Keefe

Rocio O'Keefe


Adding Authentication to A Blazor Server App using Auth0

In this post I show how how to add authentication to a sample ASP.NET Core Blazor Server app. The default .NET templates show how to use ASP.NET Identity or Azure for authentication, but in this post I show how to use Auth0 for authentication.

Authentication in Blazor Server

Blazor server is a stateful service. In normal operation, the Blazor server application running on the server maintains a SignalR connection to the user’s browser, and sends diff updates to the browser. However, authentication for SignalR occurs when the connection is established, so you typically need to perform your authentication outside of the normal Blazor Server workflow.

The default .NET templates for Blazor Server use Razor Pages and ASP.NET Core Identity to handle authentication. This is exactly the same as for a typical ASP.NET Core MVC or Razor Pages app, so whether you use Visual Studio or the .NET CLI templates (dotnet new blazorserver) you have all the normal options for authentication, namely:

  • None: No authentication
  • Individual: Individual authentication using ASP.NET Core Identity
  • IndividualB2C: Individual authentication with Azure AD B2C
  • SingleOrg: Organizational authentication (Microsoft account) for a single tenant
  • MultiOrg: Organizational authentication (Microsoft account) for multiple tenants
  • Windows: Windows authentication

For a recent project I was working on I needed accounts, but I didn’t want to manage the user accounts myself, so I didn’t want to use Individual auth. I also didn’t want to require a Microsoft account or Windows, so those options were out. Azure AD B2C would have been feasible, but I decided to opt for an alternative identity provider, Auth0.

Using Auth0 for authentication

Auth0 is an identity provider that you can use to provide user management and authentication for your applications. By using an external login provider such as Auto0 (or Azure AD B2C), you delegate responsibility for the “login process” to a third party. That means you get benefits such as “paswordless” login, compromised password checks, social logins, and WebAuthn support. More importantly, you don’t have to worry about losing user passwords, as you don’t have them!

Using an external identity provider (such as Auth0) is relatively simple with ASP.NET Core, as long as the provider implements  OpenId Connect (which most do). With this approach, whenever you need to login to your app, you redirect the user to Auth0 to do the actual sign-in. Once the user has signed in, they’re redirected to a callback page in your app. Your app then talks directly to Auth0 to obtain the authentication details.

#blazor #auth core

Adding Authentication to A Blazor Server App using Auth0