diff --git a/aspnetcore/blazor/security/blazor-web-app-with-oidc.md b/aspnetcore/blazor/security/blazor-web-app-with-oidc.md index 640ca1a3f622..5002a4f43a00 100644 --- a/aspnetcore/blazor/security/blazor-web-app-with-oidc.md +++ b/aspnetcore/blazor/security/blazor-web-app-with-oidc.md @@ -234,8 +234,18 @@ For more information on (web) API calls using a service abstractions in Blazor W The `BlazorWebAppOidc.Client` project is the client-side project of the Blazor Web App. +:::moniker range=">= aspnetcore-9.0" + +The client calls `AddAuthenticationStateDeserialization` to deserialize and use the authentication state passed by the server. The authentication state is fixed for the lifetime of the WebAssembly application. + +:::moniker-end + +:::moniker range="< aspnetcore-9.0" + The `PersistentAuthenticationStateProvider` class (`PersistentAuthenticationStateProvider.cs`) is a client-side that determines the user's authentication state by looking for data persisted in the page when it was rendered on the server. The authentication state is fixed for the lifetime of the WebAssembly application. +:::moniker-end + If the user needs to log in or out, a full page reload is required. The sample app only provides a user name and email for display purposes. It doesn't include tokens that authenticate to the server when making subsequent requests, which works separately using a cookie that's included on requests to the server. @@ -506,8 +516,18 @@ For more information on (web) API calls using a service abstractions in Blazor W The `BlazorWebAppOidc.Client` project is the client-side project of the Blazor Web App. +:::moniker range=">= aspnetcore-9.0" + +The client calls `AddAuthenticationStateDeserialization` to deserialize and use the authentication state passed by the server. The authentication state is fixed for the lifetime of the WebAssembly application. + +:::moniker-end + +:::moniker range="< aspnetcore-9.0" + The `PersistentAuthenticationStateProvider` class (`PersistentAuthenticationStateProvider.cs`) is a client-side that determines the user's authentication state by looking for data persisted in the page when it was rendered on the server. The authentication state is fixed for the lifetime of the WebAssembly application. +:::moniker-end + If the user needs to log in or out, a full page reload is required. The sample app only provides a user name and email for display purposes. It doesn't include tokens that authenticate to the server when making subsequent requests, which works separately using a cookie that's included on requests to the server.