search

dotnet / AspNetCore.Docs

Documentation for ASP.NET Core
https://docs.microsoft.com/aspnet/core
Creative Commons Attribution 4.0 International
12.6k stars 25.29k forks source link

Permission Based Authorization In Blazor .Net 8 #31485

Closed MahdiElahi closed 9 months ago

MahdiElahi commented 9 months ago

Hi , i want tutorial for permission based authorization with identity for .net blazor 8 ? and tutorial for dynamic permission based

Rick-Anderson commented 9 months ago

cc @guardrex

guardrex commented 9 months ago

Hello @MahdiElahi ... At this time, we only have ...

https://github.com/dotnet/blazor-samples/tree/main/8.0/BlazorWebAppOidc

... which is an OIDC-based app. It doesn't rely on Entra-based packages or Microsoft Identity platform, but it can be used with Entra. There's no article to go with it yet, but that work is tracked by https://github.com/dotnet/AspNetCore.Docs/issues/31265. I'll get to it as soon as I can.

If you're looking for something that uses Microsoft Identity platform, any of the ASP.NET Core/Azure tutorials should work generally, but I recommend that you adopt interactive SSR globally for the app. We might have one or more new tutorials specifically for Blazor Web Apps later, but I think it won't be until after .NET 9 releases in November, which really means not until 2025. The reason is that the product unit is still working on security scenarios for Blazor Web Apps, especially for Auto components. If you use a Blazor Web App today with an IdP like Entra, I think sticking with global interactive SSR (Interactive Server) rendering (set in the App component on the Routes component instance) is the most likely way to produce an app that will work well ...

<Routes @rendermode="InteractiveAuto" />

Also note that Identity Razor Pages pages of <8.0 have been replaced with Identity Razor components for >=8.0. If any tutorial you use for Razor Pages/MVC apps is focused on Identity pages, it won't match what you find if you scaffold Identity into the Blazor Web App, so just be prepared for that change.

The tutorial that we usually point to in the Azure docs is ...

https://learn.microsoft.com/entra/identity-platform/quickstart-web-app-aspnet-core-sign-in

Our coverage for Azure with ASP.NET Core starts at ...

https://learn.microsoft.com/aspnet/core/security/authentication/azure-active-directory/

... but if an OIDC-based app will work for your scenario and you don't mind not having an article to go with it at this time, you can try that BlazorWebAppOidc app that I cross-linked above and see if it will meet your needs.