Intent.Blazor.Authentication

The Intent.Blazor.Authentication module provides a fully integrated authentication setup for Blazor applications generated with Intent Architect.
It supports all three Blazor rendering modes — InteractiveServer, InteractiveWebAssembly, and InteractiveAuto — and can be configured to work with multiple authentication strategies:

  • ASP.NET Core Identity
  • JWT Bearer Authentication
  • OIDC Password Flow

Rendering Mode Support

The appropriate services, AuthenticationStateProvider implementations, and dependency injection (DI) registrations are generated according to the selected rendering mode to ensure a seamless authentication flow.

Each rendering mode uses a tailored implementation of the AuthenticationStateProvider to match its runtime environment.
By default, authentication state is persisted using cookies in all modes, unless overridden.

Supported Authentication Modes

You can configure this module to support:

  • ASP.NET Core Identity – For individual accounts using a local store. This mode sets up an Entity Framework Core database to store user data and account information. It includes built-in functionality for user registration, login, password reset, and email confirmation. Note: This mode does not support attaching a token to a third-party API.

  • JWT (JSON Web Token) – For stateless authentication using tokens. A TokenEndpoint:Uri must be configured in your app settings. The module handles typical user flows including login, registration, password reset, and forgot password — assuming your token provider supports these endpoints.

  • OIDC Password Flow – For integration with third-party identity providers like IdentityServer, Auth0, or Azure AD B2C. This mode supports the Resource Owner Password Credentials (ROPC) grant flow, allowing users to authenticate using their username and password directly against the identity provider.

In all three modes, the authenticated ClaimsPrincipal is stored in either the IdentityCookie or a general Cookie, depending on the configuration.

Third-Party API Authentication

Authentication for secure third-party APIs can be achieved using either JWT or OIDC modes.

In these modes, the access token (auth_token) retrieved from the configured token provider is automatically attached to any outgoing HTTP requests targeting Secured API endpoints.
This ensures that all protected resources are accessed with the appropriate authorization headers without requiring manual token handling.