Authentication state management at sign out (#33419)

dotnet · Aug 23, 2024 · 320c048 · 320c048
1 parent 3f361db
commit 320c048
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/aspnetcore/blazor/security/server/index.md b/aspnetcore/blazor/security/server/index.md
@@ -858,6 +858,12 @@ Two additional abstractions participate in managing authentication state:
 
 [!INCLUDE[](~/includes/aspnetcore-repo-ref-source-links.md)]
 
+## Authentication state management at sign out
+
+Server-side Blazor persists user authentication state for the lifetime of the circuit, including across browser tabs. To proactively sign off a user across browser tabs when the user signs out on one tab, you must implement a <xref:Microsoft.AspNetCore.Components.Server.RevalidatingServerAuthenticationStateProvider> ([reference source](https://github.com/dotnet/aspnetcore/blob/main/src/Components/Server/src/Circuits/RevalidatingServerAuthenticationStateProvider.cs)) with a short <xref:Microsoft.AspNetCore.Components.Server.RevalidatingServerAuthenticationStateProvider.RevalidationInterval>.
+
+[!INCLUDE[](~/includes/aspnetcore-repo-ref-source-links.md)]
+
 :::moniker range=">= aspnetcore-8.0"
 
 ## Temporary redirection URL validity duration