HttpContext is null in production but working currently in development Blazor Web App .Net 8

Question

HttpContext is null in production but working currently in development Blazor Web App .Net 8

Prathamesh Shende 511

hello,
HttpContext after successful login, it is null in production but working currently in development Blazor Web App .Net 8 Interactive Auto.

I have added this authorizationhandler and assigned to httpClient in program.cs

public class AuthorizationHandler(IHttpContextAccessor httpContextAccessor) : DelegatingHandler

{

private readonly IHttpContextAccessor _httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));

protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)

{

    var httpContext = _httpContextAccessor.HttpContext ??

        throw new InvalidOperationException("No HttpContext available from the IHttpContextAccessor!");

    if (httpContext != null && httpContext.Request.Cookies.TryGetValue("access_token", out var token))

    {

        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);

    }

    return await base.SendAsync(request, cancellationToken);

} }
```program.cs

```ruby
services.AddTransient<AuthorizationHandler>();

 var httpClientBuilder = services.AddHttpClient("ApiClient", client =>

 { client.BaseAddress = new Uri("https://localhost:7067/"); }).AddHttpMessageHandler<AuthorizationHandler>();   
```why does this not working in production?

Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

Accepted answer

0 additional answers

Your answer

Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

Answer 1

Bruce (SqlWork.com) 79,101 Volunteer Moderator

with Interactive Auto, HttpContext is only available during pre-render. HttpContext is never available in ClientMode, and in server mode, it should only be used with static components. see thread:

https://github.com/dotnet/AspNetCore.Docs/issues/34301

as you want the token in client mode, on pre-render your code should write out the token to persisted state during pre-render:

https://learn.microsoft.com/en-us/aspnet/core/blazor/components/prerender?view=aspnetcore-9.0

The best practice would be to create a custom authentication state provider that did this:

https://learn.microsoft.com/en-us/aspnet/core/blazor/security/authentication-state?view=aspnetcore-9.0&pivots=server

Prathamesh Shende 511 Reputation points

2025-07-25T17:11:03.36+00:00

yes. i have refer this code and use it as it is
https://github.com/mohaaron/CustomAuthorizationHandler

BlazorWebApp/Services/ServerTokenHandler.cs this is the path . I named AuthorizationHandler.

this project is works in development but not in production
Prathamesh Shende 511 Reputation points

2025-07-25T17:12:36.5666667+00:00

But why it works in development and not in production. If httpContext has issue the it should be failed in development
Bruce (SqlWork.com) 79,101 Reputation points Volunteer Moderator

2025-07-25T22:56:32.2833333+00:00

I looked at the sample code. In the client app, it gets the access token from authentication state as I suggested.

I not sure the use case for your AuthorizationHandler(), but it should only be used by server controllers or server razor pages. It should not be called from any Blazor code. It also appears to depend on the access token being stored in a cookie, where in the sample code it stored in a server side dictionary for server use and persisted authentication state for client use.
Prathamesh Shende 511 Reputation points

2025-07-26T00:53:02.1066667+00:00

Yes my AuthorizationHandler is in Blazor server side project same as the sample.
The AuthorizationHandler used HttpContext to get the Request Cookie. As it Delegatinghandler It always access before running the api call.

The Cookie is already created I seen in browser. But HttpContext is stays empty.

After authorizing from IDP Provider. OpenIdConnect. It passes the access_token.

as per the sample access_token should be access at the first from httpContext by blazor server side.

Then persistingAuthenticationState for Blazor Client and blazor Client has PersistedAuthenticationState .

So the steps are correct as per sample and it working properly at development.

Can you suggest, How I can find this issue in production?
Like putting Logs or any other method to find ?
Bruce (SqlWork.com) 79,101 Reputation points Volunteer Moderator

2025-07-26T21:56:44.6033333+00:00

if HttpContext is null, then the HttpClient is being called from a Blazor Server component or a thread that is not tied to the thread context associated with the HttpContextAccessor.

You really should only use HttpContextAccessor with middleware that needs access to the context. A better approach would be middleware that extracted the cookie values and updated a transient service object.

as you persist the tokens in the Blazor authentication state, not sure why the server code needs the tokens anyway.

also is production a web farm? this could explain the different behavior.

as for logging, you should add middleware logging so you know the request that triggered HttpClient.
Prathamesh Shende 511 Reputation points

2025-07-27T11:39:10.9333333+00:00

In Development,
As you said I disable the Middleware and after persisted passes the access_token . So the issue is not there and also working fine.

In Production,
The also not getting any issue, but the api are not going to call due to websocket is not connected.

as you as is it Web farm? No.
Prathamesh Shende 511 Reputation points

2025-07-27T11:39:32.41+00:00

In Development,
As you said I disable the Middleware and after persisted passes the access_token . So the issue is not there and also working fine.

In Production,
The also not getting any issue, but the api are not going to call due to websocket is not connected.

as you as is it Web farm? No.
Bruce (SqlWork.com) 79,101 Reputation points Volunteer Moderator

2025-07-27T16:17:19.0866667+00:00

As you are using client WASM with pre-render, there is no signalr connection. When the Blazor client calls the server api, it should pass the bearer token. And of course HttpContextAccessor doesn’t work with WASM code. Also client Blazor does not have access to the cookies.

are you sure you are running dev and production in the same render mode?

again you should add enough logging to tell what code is calling HttpClient with your delegate. Be sure it’s not Blazor code.
Prathamesh Shende 511 Reputation points

2025-07-28T03:45:25.31+00:00

yes i am running same render mode on both dev and prod.

Thank you so much for your time.

Share via

HttpContext is null in production but working currently in development Blazor Web App .Net 8

0 additional answers

Your answer