Inconsistent docs on securing Blazor WebAssembly App with Entra

[mikeholczer]

Description

In trying to setup a Blazor WebAssembly App in Azure Static Web Apps and using Entra to secure certain pages in it, I found multiple guides with inconsistent steps. It's want to make sure that I get the security correct, and I have to assume that one of these methods is better than the others, but it's not clear to me which one is the best, or if there is something better I'm not finding.

These guides include:

1. https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/hosted-with-microsoft-entra-id?view=aspnetcore-7.0
2. https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-microsoft-entra-id?view=aspnetcore-9.0
3. https://learn.microsoft.com/en-us/aspnet/core/blazor/security/blazor-web-app-with-entra?view=aspnetcore-9.0
4. https://learn.microsoft.com/en-us/azure/static-web-apps/authentication-custom?tabs=aad%2Cinvitations
5. https://learn.microsoft.com/en-us/azure/static-web-apps/authentication-authorization

Page URL

https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/?view=aspnetcore-9.0

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/blazor/security/webassembly/index.md

Document ID

8670b314-460d-3194-c53b-9a44f39c6b2a

Article author

@guardrex

Metadata

• ID: c572618c-8b98-95af-6a75-1f8e413071db
• PlatformId: 6acb61dd-3df7-5a52-6d9f-4dead0f9176f
• Service: aspnet-core
• Sub-service: blazor

Related Issues

[github-actions]

🌱🐇 Spring is coming. Hang in there! I'm pull'in for ya! 🐣🌻

Stand-by! ... A green dinosaur 🦖 will be along shortly to assist.

[guardrex]

Hello @mikeholczer ... Quick acknowledgement of your issue. I'm OOF for the weekend, and I'll get back to you on this first thing Monday morning.

UPDATE (2/17): I forgot that today is a national holiday in the US. I'll be back to on this tomorrow (Tuesday) morning.

[guardrex]

@mikeholczer ..... And we're BACK!

The only coverage that we maintain for Static Web Apps is at ...

https://learn.microsoft.com/en-us/aspnet/core/blazor/host-and-deploy/webassembly?view=aspnetcore-9.0#azure-static-web-apps

... and then ... in theory ... you should be able to follow ...

https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-microsoft-entra-id?view=aspnetcore-9.0

... for Entra. In theory. 😆 You know how it goes. I've never confirmed that everything works well with the service, but there's no reason to think that it will fail to work.

I think we can close this as just an answered question. Please leave additional remarks if you need to. If you try it and it all goes sideways 😈💥, then leave a comment on this issue. I'll re-open the issue and try to repro the problem(s) that you've discovered and/or refer you to the product unit for assistance.