// -------------------------- Add to .csprpoj file

  <PropertyGroup>
    <TargetFramework>net5.0</TargetFramework>
    <UserSecretsId>aspnet-{Your Project Name}-{Generate A Guid}</UserSecretsId>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="5.0.0" NoWarn="NU1605"/>
    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="5.0.0" NoWarn="NU1605" />
    <PackageReference Include="Microsoft.Identity.Web" Version="1.1.0" />
    <PackageReference Include="Microsoft.Identity.Web.UI" Version="1.1.0" />
  </ItemGroup>

// -------------------------- App.Razor
<CascadingAuthenticationState>
    <Router AppAssembly="@typeof(Program).Assembly">
        <Found Context="routeData">
            <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" />
        </Found>
        <NotFound>
            <LayoutView Layout="@typeof(MainLayout)">
                <p>Sorry, there's nothing at this address.</p>
            </LayoutView>
        </NotFound>
    </Router>
</CascadingAuthenticationState>

// -------------------------- Shared\MainLayout.razor
@inherits LayoutComponentBase

<div class="page">
    <div class="sidebar">
        <NavMenu />
    </div>

    <div class="main">
        <div class="top-row px-4 auth">
            <LoginDisplay />
            <a href="https://docs.microsoft.com/aspnet/" target="_blank">About</a>
        </div>

        <div class="content px-4">
            @Body
        </div>
    </div>
</div>

// -------------------------- Shared\LoginDisplay.razor

@using Microsoft.Identity.Web
@using Microsoft.Extensions.Options
@inject IOptionsMonitor<MicrosoftIdentityOptions> microsoftIdentityOptions

<AuthorizeView>
    <Authorized>
        @if (canEditProfile)
        {
            <a href="MicrosoftIdentity/Account/EditProfile">Hello, @context.User.Identity.Name!</a>
        }
        else
        {
            <text>Hello, @context.User.Identity.Name!</text>
        }
        <a href="MicrosoftIdentity/Account/SignOut">Log out</a>
    </Authorized>
    <NotAuthorized>
        <a href="MicrosoftIdentity/Account/SignIn">Log in</a>
    </NotAuthorized>
</AuthorizeView>

@code {
    private bool canEditProfile;

    protected override void OnInitialized()
    {
        var options = microsoftIdentityOptions.CurrentValue;
        canEditProfile = !string.IsNullOrEmpty(options.EditProfilePolicyId);
    }
}

// -------------------------- Add to Startup.cs:

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
	.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAdB2C"));

services.AddControllersWithViews()
	.AddMicrosoftIdentityUI();

services.AddAuthorization(options =>
{
    	// By default, all incoming requests will be authorized according to the default policy
	options.FallbackPolicy = options.DefaultPolicy;
});

services.AddServerSideBlazor()
	.AddMicrosoftIdentityConsentHandler();

// after app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();

endpoints.MapControllers();



// -------------------------- Add to appsettings.json:

  "AzureAdB2C": {
    "Instance": "your-instance-url",
    "ClientId": "your-ad-b2c-application-id",
    "CallbackPath": "/signin-oidc",
    "Domain": "your-domain",
    "SignedOutCallbackPath": "/signout",
    "SignUpSignInPolicyId": "your-signin-sightout-policy-id",
    "ResetPasswordPolicyId": "your-password-reset-policy-id",
    "EditProfilePolicyId": "",
    "ClientSecret": "your-client-secret"
  },