Role-Based Access Control in Blazor Applications

Learn how to use roles in your Blazor Server and WebAssembly applications to implement the RBAC authorization model.
Read more…

:writing_hand:t2: Brought to you by @andrea.chiarelli

1 Like

What’s up Devs! How did you like this post? Please share any comments or feedback with us on this thread


Thanks for the great post

1 Like

Thanks a lot! We’re happy to hear that!

Hey @caseyspaulding, thank you very much for your feedback! :pray:

What a great article, really helped me out. Is there any chance of publishing an article detailing how to incorporate the Password Reset feature of Auth0 into a Blazor application. Many thanks.


Hello @david43,
Welcome to the Auth0 Community! I’m glad my article helped you! :muscle:

Regarding password reset, your user should be able to reset their password through the Universal Login page. See this document for more info.
What is the issue you are experiencing? What is your use case?

Many thanks Andrea for your quick response. I’m using Universal Login and didn’t actually see the “Forgot password” link. This solves my perceived problem.

Perhaps you can tell me how I can check whether the user is actually logged in or not in a Blazor application. I assume this would be similar to your AccessControl component in your tutorial to determine whether the user is authorized or not.

Many thanks in advance.

Hey @david43,
You are right. You can use the AuthorizeView component to show UI parts based on user’s authentication state. By default, a user is authorized if they are authenticated.
I you want to check the login status in your code, you should access the AuthenticationState.
See here for an example.

Many thanks Andrea, so very helpful.

Kind regards

1 Like

My Roles Claim is being delivered as [“RoleName”], any idea why this is?
the following returns true…

var authenticationState = await authenticationStateTask;

in my component, the

AuthorizeView Roles=“RoleName”

does not work.

However, if I enter

Authorize view Roles=‘[“RoleName”]’

it does work.

I only have 1 role, and I have copied the custom role action correctly.

thank you very much.

Hey @pete.riehl,
Welcome to the Auth0 Community!

The reason behind this behavior is explained here in the article.
Basically, the Blazor WASM client always deserializes the role claim as a string (the article also reports references to a couple of GitHub issues), regardless of the data structure assigned to it (an array of strings in this case)