Development

Adding an admin area

1. Add a page under Pages/ with its @page route (follow Clients.razor / ClientDetail.razor).
2. Add or extend methods on AuthorizationServerApiClient for the new endpoints.
3. Reuse manager components (ClientScopesManager, RedirectUrisManager, etc.) or add new ones under Components/.
4. Gate the page with an appropriate policy from AuthorizationPolicies.cs.

API client conventions

AuthorizationServerApiClient is a typed client bound to AuthorizationServerApi options with retry. AuthorizationMessageHandler adds the bearer token - keep new calls flowing through the same client so auth and resilience are consistent.

Authorization

Add new policies in AuthorizationPolicies.cs over the admin/viewer roles and apply them with [Authorize(Policy = ...)] or <AuthorizeView>.

Testing

<Name>.UnitTests (~65 files) covers Pages/, Services/, Components/, Integration/, Models/, including ServiceCollectionExtensionsTests and AuthorizationServerApiClientTests. Mirror this structure for new code.

See also

• Features
• Configuration