We are generating encrypted tokens for invitations sent to a user’s email address. The user needs to be able to click the link, land in my Blazor app, and have the token validated; depending on the result, they are either sent through the Entra User Flow or shown a 403 access-denied page.
The problem is that Blazor is just throwing a 404 any time someone tries to hit the page from the email.
Razor Markup
@*
    Landing page for invitation links. The invitation token is bound from the
    last route segment, and the markup below renders one of two redirect
    components once ValidationResult has a value (nothing is rendered before that).

    NOTE(review): {token} matches a single path segment only. If the token
    encoding can contain '/' (or other characters that are altered in a URL path),
    the route will not match as written - confirm the token is URL-safe encoded.
    NOTE(review): a token carried in the URL path can end up in request logs and
    browser history - presumably the tokens are short-lived; confirm.
    NOTE(review): with InteractiveAuto this component may execute in the browser,
    so the branch below is a navigation decision, not an enforcement point - the
    invitation should be re-checked server-side when the sign-up completes.
*@
@page "/authentication/client/invitation/{token}"
@layout LandingPageLayout
@inherits BaseLandingPage
@rendermode InteractiveAuto
@* Render nothing until validation has produced a result. *@
@if (ValidationResult.HasValue)
{
@* Only an explicitly valid token continues to the Entra sign-in flow. *@
if (ValidationResult == HMACResult.Valid)
{
<RedirectToEntraSignInComponent/>
}
else
{
@* Every other result is sent to the 403 component. *@
<RedirectTo403Component />
}
}
Razor code
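/// <summary>
/// Code-behind for the invitation landing page. Validates the invitation token
/// taken from the route and records the outcome in <see cref="ValidationResult"/>,
/// which the markup uses to choose between the Entra sign-in redirect and the 403 redirect.
/// </summary>
public partial class ClientInvitationPage
{
    /// <summary>Invitation token bound from the <c>{token}</c> route segment.</summary>
    [Parameter]
    public string? Token { get; set; }

    /// <summary>Broker used to validate the invitation token.</summary>
    [Inject]
    public IClientDataBroker ClientDataBroker { get; set; }

    /// <summary>Injected current-user service (not used by the validation below).</summary>
    [Inject]
    public ICurrentUserService CurrentUserService { get; set; }

    /// <summary>Configuration service that supplies the tenant id this app is configured for.</summary>
    [Inject]
    public IConfigurationService ConfigurationService { get; set; }

    /// <summary>
    /// Outcome of the token check; <c>null</c> until <see cref="OnInitializedAsync"/> has completed.
    /// </summary>
    private HMACResult? ValidationResult { get; set; }

    /// <summary>
    /// Validates the invitation token and checks that it was issued for the configured tenant.
    /// Any failure of the tenant check is recorded as <c>HMACResult.InvalidToken</c>.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the page uses an interactive render mode; if prerendering is enabled this
    /// method can run more than once per page load. Confirm that validating a token does not
    /// consume it, otherwise the second run would reject a token the first run accepted.
    /// </remarks>
    protected override async Task OnInitializedAsync()
    {
        await base.OnInitializedAsync();

        // A missing token can never be valid; reject without calling the broker.
        if (string.IsNullOrWhiteSpace(Token))
        {
            ValidationResult = HMACResult.InvalidToken;
            return;
        }

        var result = await ClientDataBroker.ValidateInvitationTokenAsync(Token);
        var tenantId = ConfigurationService.GetTenantId();
        var tokenTenantId = result.DecryptedToken?.EntraTenantId;

        // Fail closed: string.Equals(null, null) is true, so an unconfigured tenant id combined
        // with a token that carries no tenant id must not be treated as a tenant match.
        var tenantMatches =
            !string.IsNullOrEmpty(tenantId)
            && string.Equals(tenantId, tokenTenantId, StringComparison.OrdinalIgnoreCase);

        if (tenantMatches)
        {
            ValidationResult = result.ValidationResult;
        }
        else
        {
            // If the token does not belong to this tenant, reject.
            ValidationResult = HMACResult.InvalidToken;
        }
    }
}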