Authentication and Authorization in ASP.NET Core 10 Blazor
Secure a Blazor Web App with Identity, render-mode-aware auth state, Entra ID and policies.
In ASP.NET Core 10, the Blazor Web App template represents the reference model for building web applications. The fundamental change compared to previous versions is the adoption of an SSR-first paradigm (Server-Side Rendering first). By default, all components are rendered server-side and interactivity is deliberately added where needed.
This paradigm shift has profound implications for the security of the application. In .NET 10, SSR is the default mode, and authentication naturally relies on HttpContext.User, which is the standard ASP.NET Core approach.
Sign in to read this course
A free account unlocks all 514 courses. 20 are readable without one.
What's inside
11 sections- 1 Table of Contents
- 2 Architecture and Blazor Render Modes
- 3 Authentication with ASP.NET Core Identity
- 4 Authentication State Propagation
- 5 Integration with OpenID Connect (Entra ID)
- 6 API Protection
- 7 Authorization Policies
- 8 Common Pitfalls and Best Practices
- 9 Practical Exercises
- 10 Glossary
- 11 Additional Resources
More Authentication & Security courses
View all 5Authentication and Authorization in ASP.NET Core
ASP.NET Core Identity, OpenID Connect, the BFF pattern, JWT, policies and data protection.
Securing ASP.NET Core 10 with OAuth2 and OpenID Connect
OAuth2/OIDC with Duende IdentityServer — claims, API security, token revocation and the BFF pattern.
Securing ASP.NET Core with OAuth2 and OpenID Connect
Authorization code flow with PKCE, claims, refresh tokens, ASP.NET Core Identity, federation and MFA.
Authentication and Authorization in ASP.NET Core Blazor
Blazor render modes and security, Identity UI, AuthenticationStateProvider, Entra ID and RBAC vs ABAC.
Interested in this course?
Contact us to book it or get a custom training plan for your team.