You're welcome! I've been searching for someone to explain this to us for a while. Keep explaining thoroughly. Thank you very much again.

Thanks for this video. Auth is one topic that ive struggled with the most in trying to start a new real world project. Your explanations are super helpful! Especially since we have the need to uave kultiple apps share the same set of users

Thank you. This makes it easier to understand.

It would be really helpfull if you would provide a github link in the video descriptions. A lot of times it's easyer to understand when you can freely scroll throwgh the code.

Thanks for the EXCELLENT video explaining .Net 8 Blazor Authentication. You make it feel so simple! But I need to go a bit further. I have 3 applications and need to have a common Login Authentication and need to jump from one app to another. If I logout from on app then it has to logout on the others too (the same way you explained on the different tabs). How can I achieve this please? JP

Great video, thanks for this. Just out of curiosity, have you considered trying Azure AD B2C for authentication/authorization?

Thank you for the video aways very informative! What if I have a custom user table cominng from a legacy project that I want to use in the blazor server app? Let's say the table have just username, password and a Role in it without even the email. Is it possible to use the default implementation just by overridig some parts and in case wich ones? Or I have to create my custom Authentication from scratch?

When the authentication and authorization infrastructure are implemented in the blazor web app, then we are forced to develop the whole business layer within the same blazor web app. Things get complicated when I want to separate the blazor web app from the logic and move the logic into a separate web api service. I've tried the jwt approach but I can't see how it can work with the authorizedview tags in Blazor. Plus the jwt has its flaws that you don't have a simple logout implementation

Is there a way to ONLY use external authentication is this type of project? I simply have a single IDP that I need to authenticate against with OIDC. I've managed to accomplish that but I have two problems: 1- Is there a way to implement refresh tokens? 2- Logout is broken. It just won't remove the cookie no matter what I do. A tutorial on how to do that would be greatly appreciated.

Thank you for your video. But may i know, why with the default project setup(interactive server, individual identity), the session cookie still alive, when I just close the tab or web browser? When I open again the home page, it shows the login condition as same before?

Given that the .net 8 blazor auth covers so much would you recommend using this out of the box setup over doing it from scratch like you previously did with the .net 6 blazor auth?

Why not from within Visual Studio Identity Management? Everything is ready

Hi, how would you go around publishing this application and still use this way of login, do i need to migrate the user db context? Great video, have been looking for something like this!

Can you clarify how the RevalidatintServerAuthinecationStateProvider pass the athuninctaion state to the client in template with individuals accounts and interactive auto

This is a constant issue for me when trying to search for information about this part. Like yes i can create the authorization at this point, and i have all that but i am really confused about how to use the cookie data to track which user is logged in... Im a student so this is a student question really.. But in the web app that we are making, in blazor we need to make a site for a car rental company, and im just currious of how i keep track of the logged in user, like i want to see only the logged in users orders and order history, i want to be able to klick on a car and be sent to a booking site where we can just klick the rent car and have the logged in users informatin already inserted in the form except for the period of which the car should be rented. Its a piece of information that seems really hard to find for some reason...

When we have a global Authorize attribute, what other pages in the Account area would need an AllowAnonymous attribute?

Is there a possibility of adding roles to this authentication? If so, how would you go about adding roles?

The ValidateAuthenticationStateAsync in the RevalidatingAuthenticationStateProvider in 8.0.X is never called,why?

How do you handle 500+ claims for user permissions to avoid the header size limit? I'm currently working on a similar project and would love to hear about different strategies or experiences from the community. Any insights or advice would be greatly appreciated!

Any link to the example you went over in the video?

So now we can use that Identity User Accessor and we don't need to do the whole initial state and downloading everything from httpcontext only at the start of the application? Or does this only work for SSR and on SS we still need the old way?

Excellent video. I dont understand well the email thing. When i want to implement a real email confirmation, I overwrite the IdentityNoOpEmailSender clas and thats it?

Hello, I'm new to blazor framework, i created a Project of type blazor web app with dotnet 8 wich include both server and client project, and i added authentication and Authorization with jwt bearer and i save the token in browser, but i encountering a proplem when refrech a component with Attribute autorize, it's gives error 401 unautorize while oninizlation of the component i retrive the authentication state but it's give 401. And btw the rendermode on the component ia interactiveServer with prerender false, so can any one help me with this problem 🙏

The biggest problem of this structure is the SSR and cookie issue. It is not possible to use any component that uses interactiveserver mode on the login and registration pages, which causes various problems. Another problem is this; Since the pages in the account section are SSR, we can use cookies, and for example, after writing any information of the logged-in member into the cookie, we cannot access this cookie from other Blazor components. As an alternative, I tried using ProtectedLocalStorage, but it does not allow writing any information to ProtectedLocalStorage after the user logs in. Even if we solve this problem by adding a component and directing the user here, deleting the contents written to ProtectedLocalStorage in the logout section is still a problem.

Do you have any tutorial for blazor web app with mix interactivity and keycloak?

why we are not receiving an email ?

Thank you for your Video. I would like to inform you, that the RevalidatingServerAuthenticationStateProvider doesn't work in Blazor 8. You opened the other session in the same browser in the second Tab. But please, open the other session in different Browser (Firefox, Edge). You will see, that the logout doesn't change anything in the other session. ValidateAuthenticationStateAsync is not called.

This playlist need role management.

Hi , i like what you are doing , Please a i have a question , i have a APi that handle generating authentication with jwt access token , and all my logic is in this API , i want to use blazor as frontend with rendermodeAuto, how to use the JWT in this case? for WASM si I have no probleme , but with Blazor RenderModeAutho i am lost Thank you

First to like and first to comment ...master

hi - can we get the code? thanks