This article shows how to secure a Blazor Server application. The application implements an OpenID Connect confidential client with PKCE using .NET 8 and configures the security headers as best possible for the Blazor Server application. OpenIddict is used to implement the identity provider and the OpenID Connect server. Code: https://github.com/damienbod/BlazorServerOidc OpenID Connect flow In … Continue reading Securing a Blazor Server application using OpenID Connect and security headers