dotnet · guardrex · Jul 29, 2025 · Jul 28, 2025 · Jul 28, 2025 · Jul 29, 2025
@@ -5,7 +5,7 @@ description: Learn how to build a .NET MAUI Blazor Hybrid app with a Blazor Web
 monikerRange: '>= aspnetcore-9.0'
 ms.author: wpickett
 ms.custom: mvc
-ms.date: 03/12/2025
+ms.date: 07/29/2025
 uid: blazor/hybrid/security/maui-blazor-web-identity
 ---
 # .NET MAUI Blazor Hybrid and Web App with ASP.NET Core Identity
@@ -41,7 +41,7 @@ The sample app is a starter solution that contains a native, cross-platform MAUI
 1. Open the solution in Visual Studio (2022 or later) or VS Code with the .NET MAUI extension installed.
 1. Set the `MauiBlazorWeb` MAUI project as the startup project. In Visual Studio, right-click the project and select **Set as Startup Project**.
 1. Start the `MauiBlazorWeb.Web` project without debugging. In Visual Studio, right-click on the project and select **Debug** > **Start without Debugging**.
-1. Inspect the Identity endpoints by navigating to `https://localhost:7157/swagger` in a browser.
+1. Inspect the Identity endpoints via [OpenAPI documentation](xref:fundamentals/openapi/overview). You can add a third-party OpenAPI-compliant visual UI/endpoint tester.
 1. Navigate to `https://localhost:7157/account/register` to register a user in the Blazor Web App. Immediately after the user is registered, use the **Click here to confirm your account** link in the UI to confirm the user's email address because a real email sender isn't registered for account confirmation.
 1. Start (`F5`) the `MauiBlazorWeb` MAUI project. You can set the debug target to either **Windows** or an Android emulator.
 1. Notice you can only see the `Home` and `Login` pages.

@@ -5,7 +5,7 @@ description: Learn how to secure a Blazor Web App with Microsoft Entra ID.
 monikerRange: '>= aspnetcore-9.0'
 ms.author: wpickett
 ms.custom: mvc
-ms.date: 06/11/2025
+ms.date: 07/29/2025
 uid: blazor/security/blazor-web-app-entra
 zone_pivot_groups: blazor-web-app-entra-specification
 ---
@@ -77,7 +77,7 @@ The `MinimalApiJwt` project is a backend web API for multiple frontend projects.
 
 The `MinimalApiJwt.http` file can be used for testing the weather data request. Note that the `MinimalApiJwt` project must be running to test the endpoint, and the endpoint is hardcoded into the file. For more information, see <xref:test/http-files>.
 
-The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview) and the [Swagger UI](https://swagger.io/api-hub/) in the Development environment. For more information, see <xref:fundamentals/openapi/using-openapi-documents#use-swagger-ui-for-local-ad-hoc-testing>.
+The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview).
 
 A secure weather forecast data endpoint is in the project's `Program` file:
 
@@ -289,7 +289,7 @@ The `MinimalApiJwt` project is a backend web API for multiple frontend projects.
 
 The `MinimalApiJwt.http` file can be used for testing the weather data request. Note that the `MinimalApiJwt` project must be running to test the endpoint, and the endpoint is hardcoded into the file. For more information, see <xref:test/http-files>.
 
-The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview) and the [Swagger UI](https://swagger.io/api-hub/) in the Development environment. For more information, see <xref:fundamentals/openapi/using-openapi-documents#use-swagger-ui-for-local-ad-hoc-testing>.
+The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview).
 
 A secure weather forecast data endpoint is in the project's `Program` file:
 
@@ -561,14 +561,10 @@ msIdentityOptions.ClientSecret = AzureHelper.GetKeyVaultSecret("{VAULT URI}",
 
 Configuration is used to facilitate supplying dedicated key vaults and secret names based on the app's environmental configuration files. For example, you can supply different configuration values for `appsettings.Development.json` in development, `appsettings.Staging.json` when staging, and `appsettings.Production.json` for the production deployment. For more information, see <xref:blazor/fundamentals/configuration>.
 
-:::moniker range=">= aspnetcore-9.0"
-
 ## Only serialize the name and role claims
 
 In the `Program` file, all claims are serialized by setting <xref:Microsoft.AspNetCore.Components.WebAssembly.Server.AuthenticationStateSerializationOptions.SerializeAllClaims%2A> to `true`. If you only want the name and role claims serialized for CSR, remove the option or set it to `false`.
 
-:::moniker-end
-
 ## Supply configuration with the JSON configuration provider (app settings)
 
 The [sample solution projects](#sample-solution) configure Microsoft Identity Web and JWT bearer authentication in their `Program` files in order to make configuration settings discoverable using C# autocompletion. Professional apps usually use a *configuration provider* to configure OIDC options, such as the default [JSON configuration provider](xref:fundamentals/configuration/index). The JSON configuration provider loads configuration from app settings files `appsettings.json`/`appsettings.{ENVIRONMENT}.json`, where the `{ENVIRONMENT}` placeholder is the app's [runtime environment](xref:fundamentals/environments). Follow the guidance in this section to use app settings files for configuration.

@@ -5,7 +5,7 @@ description: Learn how to secure a Blazor Web App with OpenID Connect (OIDC).
 monikerRange: '>= aspnetcore-8.0'
 ms.author: wpickett
 ms.custom: mvc
-ms.date: 04/29/2025
+ms.date: 07/29/2025
 uid: blazor/security/blazor-web-app-oidc
 zone_pivot_groups: blazor-web-app-oidc-specification
 ---
@@ -116,8 +116,18 @@ The `MinimalApiJwt` project is a backend web API for multiple frontend projects.
 
 The `MinimalApiJwt.http` file can be used for testing the weather data request. Note that the `MinimalApiJwt` project must be running to test the endpoint, and the endpoint is hardcoded into the file. For more information, see <xref:test/http-files>.
 
+:::moniker range=">= aspnetcore-9.0"
+
+The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview).
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-9.0"
+
 The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview) and the [Swagger UI](https://swagger.io/api-hub/) in the Development environment. For more information, see <xref:fundamentals/openapi/using-openapi-documents#use-swagger-ui-for-local-ad-hoc-testing>.
 
+:::moniker-end
+
 The project creates a [Minimal API](xref:fundamentals/minimal-apis) endpoint for weather data:
 
 ```csharp
@@ -453,8 +463,18 @@ The `MinimalApiJwt` project is a backend web API for multiple frontend projects.
 
 The `MinimalApiJwt.http` file can be used for testing the weather data request. Note that the `MinimalApiJwt` project must be running to test the endpoint, and the endpoint is hardcoded into the file. For more information, see <xref:test/http-files>.
 
+:::moniker range=">= aspnetcore-9.0"
+
+The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview).
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-9.0"
+
 The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview) and the [Swagger UI](https://swagger.io/api-hub/) in the Development environment. For more information, see <xref:fundamentals/openapi/using-openapi-documents#use-swagger-ui-for-local-ad-hoc-testing>.
 
+:::moniker-end
+
 The project creates a [Minimal API](xref:fundamentals/minimal-apis) endpoint for weather data:
 
 ```csharp
@@ -848,8 +868,18 @@ The `MinimalApiJwt` project is a backend web API for multiple frontend projects.
 
 The `MinimalApiJwt.http` file can be used for testing the weather data request. Note that the `MinimalApiJwt` project must be running to test the endpoint, and the endpoint is hardcoded into the file. For more information, see <xref:test/http-files>.
 
+:::moniker range=">= aspnetcore-9.0"
+
+The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview).
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-9.0"
+
 The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview) and the [Swagger UI](https://swagger.io/api-hub/) in the Development environment. For more information, see <xref:fundamentals/openapi/using-openapi-documents#use-swagger-ui-for-local-ad-hoc-testing>.
 
+:::moniker-end
+
 A secure weather forecast data endpoint is in the project's `Program` file:
 
 ```csharp

@@ -5,7 +5,7 @@ description: Learn how to secure Blazor WebAssembly apps with ASP.NET Core Ident
 monikerRange: '>= aspnetcore-8.0'
 ms.author: wpickett
 ms.custom: mvc
-ms.date: 11/12/2024
+ms.date: 07/29/2025
 uid: blazor/security/webassembly/standalone-with-identity/index
 ---
 # Secure ASP.NET Core Blazor WebAssembly with ASP.NET Core Identity
@@ -150,8 +150,18 @@ A [Cross-Origin Resource Sharing (CORS)](xref:security/cors) policy is establish
 * `Backend` app (`BackendUrl`): `https://localhost:5001`
 * `BlazorWasmAuth` app (`FrontendUrl`): `https://localhost:5002`
 
+:::moniker range=">= aspnetcore-9.0"
+
+The project includes packages and configuration to produce [OpenAPI documents](xref:fundamentals/openapi/overview).
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-9.0"
+
 Services and endpoints for [Swagger/OpenAPI](xref:tutorials/web-api-help-pages-using-swagger) are included for web API documentation and development testing. For more information on NSwag, see <xref:tutorials/get-started-with-nswag>.
 
+:::moniker-end
+
 User role claims are sent from a [Minimal API](xref:fundamentals/minimal-apis/overview) at the `/roles` endpoint.
 
 Routes are mapped for Identity endpoints by calling `MapIdentityApi<AppUser>()`.