Skip to content

Cannot use Blazor WebAssembly debugging with OpenID Connect login due to unpredictable localhost port #61949

New issue
New issue
Closed
Closed
Cannot use Blazor WebAssembly debugging with OpenID Connect login due to unpredictable localhost port#61949
Labels
Author: Migration Bot 🤖The issue was created by a issue mover bot. The author may not be the actual author.Needs: Author FeedbackThe author of this issue needs to respond in order for us to continue investigating this issue.area-blazorIncludes: Blazor, Razor Components
@vsfeedback

Description

@vsfeedback
vsfeedback
opened on May 15, 2025

This issue has been moved from a ticket on Developer Community.

Summary:

When debugging a Blazor WebAssembly app in Visual Studio with OpenID Connect login (e.g., using OpenIddict), the application is launched on a random localhost port (e.g., https://localhost:51783). This makes it impossible to pre-register a redirect URI for login flows, which are required to match exactly by identity providers.

Expected behavior:

I expect to be able to:

  • Debug my Blazor WebAssembly app normally
  • Use OpenID Connect login
  • Register a known, stable redirect URI in the identity provider (e.g., https://localhost:5005/authentication/callback)

Actual behavior:

Blazor WASM debugging launches the app on a random port with each run, like:

https://localhost:51783/

This breaks the OpenID Connect flow because:

  • The identity provider requires a static, pre-registered redirect_uri
  • The app’s real port is not known until the browser opens

As a result, login fails with invalid_redirect_uri or requires unsafe workarounds like wildcard redirects (which most providers disallow or OpenIddict refuses to match).

Why this matters:

  • Secure login flows (e.g., using OpenIddict, Duende, Auth0) require strict redirect URI matching
  • Random ports make reliable debugging impossible
  • There is no current way to fix the debug port for Blazor WASM apps in Visual Studio

Workarounds attempted:

  • Tried to use launchSettings.json to fix the port → ignored by Visual Studio for Blazor WASM
  • Tried dynamic redirect URI patching → doesn't help since identity provider also requires known redirect_uri
  • Tried IHttpContextAccessor or OpenIddictClientService tricks → adds too much complexity

Repro steps:

  1. Create a Blazor WASM project with OpenId Connect login (using OpenIddict or any OIDC provider)
  2. Launch in debug mode (F5)
  3. Observe that the app uses a random port
  4. Attempt login — you'll see a failure due to redirect_uri mismatch

Suggestion:

Please allow Blazor WebAssembly apps to:

  • Set a fixed HTTPS port (via launchSettings.json or Aspire config)
  • Or reuse the same debug port across runs
  • Or expose the actual launch port to the app before startup

Original Comments

Feedback Bot on 5/9/2025, 05:17 AM:

We have directed your feedback to the appropriate engineering team for further evaluation. The team will review the feedback and notify you about the next steps.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Author: Migration Bot 🤖The issue was created by a issue mover bot. The author may not be the actual author.Needs: Author FeedbackThe author of this issue needs to respond in order for us to continue investigating this issue.area-blazorIncludes: Blazor, Razor Components

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions