Add Login to Your Blazor Server Application

Use AI to integrate Auth0

If you use an AI coding assistant like Claude Code, Cursor, or GitHub Copilot, you can add Auth0 authentication automatically in minutes using agent skills.Install:

npx skills add auth0/agent-skills

Then ask your AI assistant:

Add Auth0 authentication to my Blazor Server app

Your AI assistant will automatically create your Auth0 application, fetch credentials, install Auth0.AspNetCore.Authentication, configure Program.cs, create login/logout pages, and add AuthorizeView components. Full agent skills documentation →

Prerequisites: Before you begin, ensure you have the following installed:

.NET SDK 8.0 or newer
Your favorite code editor (Visual Studio, VS Code, or Rider)
An Auth0 account (sign up for free)

Get Started

Auth0 allows you to quickly add authentication and gain access to user profile information in your application. This guide demonstrates how to integrate Auth0 with any new or existing Blazor Server application using the Auth0.AspNetCore.Authentication SDK.

Create a new project

Create a new Blazor Server project for this Quickstart

dotnet new blazor -n SampleBlazorApp --interactivity Server

Open the project

cd SampleBlazorApp

Install the Auth0 SDK

dotnet add package Auth0.AspNetCore.Authentication

Setup your Auth0 Application

Next up, you need to create a new Application on your Auth0 tenant and add the configuration to your project.You can choose to do this automatically by running a CLI command or do it manually via the Dashboard:

CLI
Dashboard

Run the following shell command on your project’s root directory to create an Auth0 Application and update your appsettings.json:

Mac/Linux
Windows (PowerShell)

AUTH0_APP_NAME="My Blazor App" && brew tap auth0/auth0-cli && brew install auth0 && auth0 login --no-input && auth0 apps create -n "${AUTH0_APP_NAME}" -t regular -c http://localhost:5000/callback -l http://localhost:5000 -o http://localhost:5000 --reveal-secrets --json --metadata created_by="quickstart-docs-manual" > auth0-app-details.json && CLIENT_ID=$(jq -r '.client_id' auth0-app-details.json) && CLIENT_SECRET=$(jq -r '.client_secret' auth0-app-details.json) && DOMAIN=$(auth0 tenants list --json | jq -r '.[] | select(.active == true) | .name') && rm auth0-app-details.json && cat > appsettings.json << EOF
{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*",
  "Auth0": {
    "Domain": "${DOMAIN}",
    "ClientId": "${CLIENT_ID}",
    "ClientSecret": "${CLIENT_SECRET}"
  }
}
EOF
echo "appsettings.json created with your Auth0 details:" && cat appsettings.json

$AUTH0_APP_NAME = "My Blazor App"
$latestRelease = Invoke-RestMethod -Uri "https://api.github.com/repos/auth0/auth0-cli/releases/latest"
$latestVersion = $latestRelease.tag_name
$version = $latestVersion -replace "^v"
Invoke-WebRequest -Uri "https://github.com/auth0/auth0-cli/releases/download/${latestVersion}/auth0-cli_${version}_Windows_x86_64.zip" -OutFile ".\auth0.zip"
Expand-Archive ".\auth0.zip" .\
[System.Environment]::SetEnvironmentVariable('PATH', $Env:PATH + ";${pwd}")
auth0 login --no-input
auth0 apps create -n "${AUTH0_APP_NAME}" -t regular -c http://localhost:5000/callback -l http://localhost:5000 -o http://localhost:5000 --reveal-secrets --json --metadata created_by="quickstart-docs-manual" | Set-Content -Path auth0-app-details.json
$AppDetails = Get-Content -Raw auth0-app-details.json | ConvertFrom-Json
$ClientId = $AppDetails.client_id
$ClientSecret = $AppDetails.client_secret
$Domain = (auth0 tenants list --json | ConvertFrom-Json | Where-Object { $_.active -eq $true }).name
$Config = Get-Content -Raw appsettings.json | ConvertFrom-Json
if (-not $Config.Auth0) { $Config | Add-Member -MemberType NoteProperty -Name Auth0 -Value @{} }
$Config.Auth0.Domain = $Domain
$Config.Auth0.ClientId = $ClientId
$Config.Auth0.ClientSecret = $ClientSecret
$Config | ConvertTo-Json -Depth 10 | Set-Content appsettings.json
Remove-Item auth0-app-details.json
Write-Output "✅ appsettings.json updated with your Auth0 details:"
Get-Content appsettings.json

Before you start, create or update appsettings.json on your project’s root directory

appsettings.json

{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*",
  "Auth0": {
    "Domain": "YOUR_AUTH0_DOMAIN",
    "ClientId": "YOUR_CLIENT_ID",
    "ClientSecret": "YOUR_CLIENT_SECRET"
  }
}

Go to the Auth0 Dashboard
Click Applications → Applications → Create Application
Enter a name for your application (e.g., “My Blazor App”)
Select Regular Web Application as the application type
Click Create
Go to the Settings tab
Replace YOUR_AUTH0_DOMAIN, YOUR_CLIENT_ID, and YOUR_CLIENT_SECRET in the appsettings.json file with the Domain, Client ID, and Client Secret values from the dashboard

Configure Callback URLs:In the Settings tab, configure the following URLs:

Allowed Callback URLs: http://localhost:5000/callback
Allowed Logout URLs: http://localhost:5000
Allowed Web Origins: http://localhost:5000

Click Save Changes

Important: Make sure to setup connections and enable them for your application in the Auth0 Dashboard under the Connections tab.

Configure authentication

Update your Program.cs to configure Auth0 authentication:

Program.cs

using Auth0.AspNetCore.Authentication;
using SampleBlazorApp.Components;

var builder = WebApplication.CreateBuilder(args);

// Add Auth0 authentication
builder.Services.AddAuth0WebAppAuthentication(options =>
{
    options.Domain = builder.Configuration["Auth0:Domain"];
    options.ClientId = builder.Configuration["Auth0:ClientId"];
    options.ClientSecret = builder.Configuration["Auth0:ClientSecret"];
});

// Add Razor Components and Blazor Server
builder.Services.AddRazorComponents()
    .AddInteractiveServerComponents();

// Add cascading authentication state
builder.Services.AddCascadingAuthenticationState();

// Add Razor Pages for authentication endpoints
builder.Services.AddRazorPages();

var app = builder.Build();

if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Error", createScopeForErrors: true);
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseAntiforgery();

app.UseAuthentication();
app.UseAuthorization();

app.MapStaticAssets();
app.MapRazorComponents<App>()
    .AddInteractiveServerRenderMode();

// Map Razor Pages for authentication
app.MapRazorPages();

app.Run();

Note: The order of middleware is important. UseAuthentication() must be called before UseAuthorization().

Add Login and Logout pages

Create Login and Logout pages to allow users to authenticate.First, create the Pages folder and files:

Mac/Linux
Windows (PowerShell)

mkdir -p Pages && touch Pages/Login.cshtml Pages/Login.cshtml.cs Pages/Logout.cshtml Pages/Logout.cshtml.cs Pages/_ViewImports.razor

New-Item -ItemType Directory -Force -Path Pages; New-Item -ItemType File -Force -Path Pages/Login.cshtml, Pages/Login.cshtml.cs, Pages/Logout.cshtml, Pages/Logout.cshtml.cs, Pages/_ViewImports.razor

And add the following code snippets:

Create Profile page and Update Layout

Create a custom user profile page for displaying the user’s name and claims, and update the layout to add login/logout links.First, create the Profile component:

Mac/Linux
Windows (PowerShell)

touch Components/Pages/Profile.razor

New-Item -ItemType File -Force -Path Components/Pages/Profile.razor

Add the following code snippets, note to add the MainLayout code to the top section of your layout, keeping all other parts intact.

Run your application

dotnet run

Your application should start and display the URL it’s listening on:

info: Microsoft.Hosting.Lifetime[14]
      Now listening on: http://localhost:5000

Open your browser and navigate to http://localhost:5000. Click the Login link in the navigation. You’ll be redirected to Auth0’s login page. After logging in, you’ll be redirected back to your application, and you should see your name in the navigation.

CheckpointYou should now have a fully functional Auth0-protected Blazor Server application running on http://localhost:5000. Users can log in, view their profile, and log out.

Advanced Usage

Customize Login Parameters

You can pass custom parameters to the Auth0 login page:

Pages/Login.cshtml.cs

public async Task OnGet(string redirectUri = "/")
{
    var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
        .WithRedirectUri(redirectUri)
        .WithParameter("screen_hint", "signup")  // Show signup page
        .WithParameter("ui_locales", "es")       // Set language to Spanish
        .Build();

    await HttpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
}

Store Tokens for API Calls

If you need to call external APIs on behalf of the user, you can retrieve and store tokens:

Program.cs

builder.Services.AddAuth0WebAppAuthentication(options =>
{
    options.Domain = builder.Configuration["Auth0:Domain"];
    options.ClientId = builder.Configuration["Auth0:ClientId"];
    options.ClientSecret = builder.Configuration["Auth0:ClientSecret"];
})
.WithAccessToken(options =>
{
    options.Audience = "https://your-api.example.com";
    options.UseRefreshTokens = true;
});

Then retrieve the access token:

var accessToken = await HttpContext.GetTokenAsync("access_token");

// Use the access token to call your API
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = 
    new AuthenticationHeaderValue("Bearer", accessToken);

var response = await client.GetAsync("https://your-api.example.com/data");
var data = await response.Content.ReadAsStringAsync();

Configure Organizations

Configure organization support for B2B scenarios:

Program.cs

builder.Services.AddAuth0WebAppAuthentication(options =>
{
    options.Domain = builder.Configuration["Auth0:Domain"];
    options.ClientId = builder.Configuration["Auth0:ClientId"];
    options.ClientSecret = builder.Configuration["Auth0:ClientSecret"];
    options.Organization = builder.Configuration["Auth0:Organization"];
});

Or specify organization at login time:

Pages/Login.cshtml.cs

var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
    .WithOrganization("org_abc123")
    .WithRedirectUri("/")
    .Build();

Common Issues

Unable to obtain configuration

Problem: Unable to obtain configuration from: https://your-tenant.auth0.com/.well-known/openid-configurationSolution: Verify your Domain is correct and does not include https://. The library automatically constructs the authority.

{
  "Auth0": {
    "Domain": "your-tenant.auth0.com"  // Correct - no protocol
  }
}

Also ensure:

No trailing slash in the domain value
Your application has internet access to reach Auth0
The domain format matches your tenant region (.auth0.com, .us.auth0.com, .eu.auth0.com)

Configuration values not found

Problem: ArgumentNullException: Value cannot be null. (Parameter 'Domain') or similar.Solution: Ensure appsettings.json contains the Auth0 section with Domain, ClientId, and ClientSecret values. Check that configuration is being read correctly:

Program.cs

builder.Services.AddAuth0WebAppAuthentication(options =>
{
    options.Domain = builder.Configuration["Auth0:Domain"]
        ?? throw new InvalidOperationException("Auth0:Domain is required");
    options.ClientId = builder.Configuration["Auth0:ClientId"]
        ?? throw new InvalidOperationException("Auth0:ClientId is required");
    options.ClientSecret = builder.Configuration["Auth0:ClientSecret"]
        ?? throw new InvalidOperationException("Auth0:ClientSecret is required");
});

Middleware order issues

Problem: Authentication not working despite correct configuration.Solution: Ensure middleware is in the correct order. UseAuthentication() must come before UseAuthorization():

Program.cs

app.UseRouting();
app.UseAuthentication();  // Must be before UseAuthorization
app.UseAuthorization();
app.MapControllerRoute(...);

Additional Resources

GitHub Repository

Source code and issue tracker

API Reference

Detailed API documentation

Community Forum

Get help from the Auth0 community

Sample Application

A sample application can be found below that demonstrates the integration of Auth0 with ASP.NET Core MVC.:

ASP.NET Core Blazor App

Includes login, logout, user profile and other examples.

Clone and run:

git clone https://github.com/auth0-samples/auth0-aspnetcore-blazor-server-samples/tree/main/Quickstart/Sample

# Update appsettings.json with your Auth0 configuration
dotnet run

Single Page App

Regular Web App

Native/Mobile App

Backend/API

Add Login to Your Blazor Server Application

Get Started

Advanced Usage

Common Issues

Additional Resources

GitHub Repository

API Reference

Community Forum

Sample Application

ASP.NET Core Blazor App

Single Page App

Regular Web App

Native/Mobile App

Backend/API

​Get Started

​Advanced Usage

​Common Issues

​Additional Resources

GitHub Repository

API Reference

Community Forum

​Sample Application

ASP.NET Core Blazor App

Get Started

Advanced Usage

Common Issues

Additional Resources

Sample Application