I'm creating a simple project using .NET 9 and Blazor to show how to protect APIs using Individual Accounts. I published the code on GitHub.
I added in the server and client Program.cs, the code for the IHttpClientFactory like this:
builder.Services .AddScoped(sp => sp .GetRequiredService<IHttpClientFactory>() .CreateClient("ServerAPI")) .AddHttpClient("ServerAPI", (provider, client) => { client.BaseAddress = new Uri("https://localhost:7130"); });I added 2 endpoints for test: ClientEndpoint and ClientAddressEndpoint. Then, I added RequireAuthorization to all of them. Using Swagger and after the authentication, the APIs are working.
Now, I created a page to display the list of clients. In the client project, the page ClientList reads the list from the APIs.
@attribute [Authorize]@inject HttpClient httpClientpublic async Task GetClients(){ if (string.IsNullOrEmpty(user)) { Clients = null; return; } HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, $"/api/Client"); HttpResponseMessage responseMessage = await httpClient.SendAsync(request); responseMessage.EnsureSuccessStatusCode(); Clients = await responseMessage.Content.ReadFromJsonAsync<List<Domain.Client>>();}Although the user is authenticated, the application always redirects the request to the login page as you can see in this screenshot.
I think I checked properly all the configurations but I can't find to issue.