Keycloak for Blazor demo
- Single Sign-on user authentication on Blazor WebAssembly SignalR client
- ASP.NET Core - Keycloak authorization guide
- Posts tagged with keycloak
- Using OpenID Connect to secure applications and services
- OpenID Connect Client with .NET
- C#/NetStandard OpenID Connect Client Library for native Applications
- Secure ASP.NET Core Blazor WebAssembly
- OpenIDConnect Response Type Confusion
- Blazor.BFF.OpenIDConnect.Template
- Securing SPAs and Blazor Applications using the BFF (Backend for Frontend) Pattern - Dominick Baier
- Backend for Frontend (BFF) Security Framework
- OpenID Connect Client with .NET
- Persist additional claims and tokens from external providers in ASP.NET Core
- Server-side ASP.NET Core Blazor additional security scenarios
- OIDC authentication in server-side Blazor
- Authentication and Authorization
- BlazorWebAssemblyCookieAuth
docker pull keycloak/keycloak
docker run -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -p 8080:8080 keycloak/keycloak:latest start-dev
http:https://localhost:8080/
- Create realm: myrealm
- Create user: afedyanin, set password
- Create group: mygroup
- Add user to group
- Create global role: myrole
- Assign role to user
http:https://localhost:8080/realms/myrealm/account
-
Create Client: blazor-client
-
AuthFlow: Standard flow, Direct access grants
-
Client Auth - On
-
Add valid redirect urls: http:https://localhost:5278/*
-
Enable CORS on Keycloak +
-
Download adapter config
{
"realm": "myrealm",
"auth-server-url": "http:https://localhost:8080/",
"ssl-required": "external",
"resource": "blazor-client",
"credentials": {
"secret": "aNZUREfcTwZjh1qiD095SGQnzL6SQWo0"
},
"confidential-port": 0
}
curl --data "grant_type=password&client_id=blazor-client&username=afedyanin&password=afedyanin&client_secret=aNZUREfcTwZjh1qiD095SGQnzL6SQWo0" localhost:8080/realms/myrealm/protocol/openid-connect/token