Intermediate

Authentication and Authorization in ASP.NET Core Blazor

Blazor render modes and security, Identity UI, AuthenticationStateProvider, Entra ID and RBAC vs ABAC.

This principle stems from the very nature of WebAssembly: compiled code runs in the browser where the user has full control. With browser DevTools or tools like wasm-dis, it is possible to inspect and modify WASM code behavior.

Analogy: Imagine writing building access rules on a sticky note you give to the visitor. Obviously, the visitor can modify this note. Real security is the guard at the entrance who checks badges — that's your server API.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

13 sections
  1. 1 Table of Contents
  2. 2 Blazor Render Modes and Security Impact
  3. 3 User Management — Blazor Identity UI
  4. 4 AuthenticationStateProvider In Depth
  5. 5 Blazor Authorization Components
  6. 6 Integration with Microsoft Entra ID (OpenID Connect)
  7. 7 Protecting Local APIs with Cookies
  8. 8 Protecting Remote APIs with Access Tokens
  9. 9 Authorization Policies — RBAC vs ABAC
  10. 10 Common Pitfalls and Anti-Patterns
  11. 11 Practical Exercises
  12. 12 Technical Glossary
  13. 13 Additional Resources

Interested in this course?

Contact us to book it or get a custom training plan for your team.