Blazor Dashboard
Guide to integrating Elsa Studio with Blazor Server applications, covering hosting patterns, authentication configuration, and troubleshooting common issues.
This guide covers integrating Elsa Studio (the workflow designer UI) with Blazor Server applications. You'll learn different hosting patterns, how to configure authentication, and how to troubleshoot common integration issues.
Overview
Elsa Studio can be integrated with Blazor Server apps in several ways:
Same Process: Host Elsa Server endpoints and Elsa Studio in the same ASP.NET Core application
Separate Services: Host Elsa Server as a separate service and connect Elsa Studio via HTTP
Hybrid: Mix of both approaches for different environments
This guide focuses primarily on Blazor Server integration, which provides a simpler hosting model compared to Blazor WebAssembly.
Prerequisites
ASP.NET Core 8.0+ application
Blazor Server app (or willingness to add Blazor Server to an existing app)
Basic understanding of Blazor authentication and authorization
Elsa Server already set up (see Hosting Elsa in an Existing App)
Hosting Patterns
Pattern 1: Single Process (Recommended for Small Teams)
In this pattern, both Elsa Server (workflow runtime + API) and Elsa Studio (UI) run in the same ASP.NET Core process.
Advantages:
Simpler deployment (single service)
Easier authentication setup (shared auth context)
Lower latency (no network hop between UI and API)
Suitable for small to medium workloads
Disadvantages:
UI and runtime share resources (memory, CPU)
Scaling requires scaling both components together
UI restarts affect runtime and vice versa
Architecture:
Pattern 2: Separate Services (Recommended for Production)
Elsa Server runs as a standalone service, and Elsa Studio connects to it via HTTP.
Advantages:
Independent scaling (scale runtime without scaling UI)
Better isolation (UI issues don't affect workflow execution)
Multiple Studio instances can connect to one Server
Easier to secure and monitor separately
Disadvantages:
More complex deployment (two services)
Network latency between UI and API
Requires proper authentication/authorization setup
CORS configuration needed
Architecture:
Implementation: Single Process Pattern
Step 1: Install Required Packages
Step 2: Configure Services in Program.cs
Step 3: Create Blazor Host Page
Create or update Pages/_Host.cshtml:
Step 4: Configure App.razor
Update App.razor to include Elsa Studio routes:
Step 5: Test the Integration
Run your application
Navigate to
/workflows(or the Studio route configured)You should see the Elsa Studio workflow designer
Authentication Configuration
When hosting Elsa Server and Studio together, authentication must be configured so that:
Users can log into the Blazor app
Studio API calls to Elsa Server are authorized
Cookie-Based Authentication (Recommended for Single Process)
This is the simplest approach when both components are in the same process:
With this configuration:
Users log in via your app's login page
Authentication cookie is automatically sent with Studio → Elsa Server API calls
Elsa Server validates the cookie and authorizes requests
Common Authentication Issues
Issue 1: 401 Unauthorized on API Calls
Symptom: Elsa Studio loads, but API calls to fetch workflow definitions fail with 401 Unauthorized.
Cause: Authentication scheme mismatch or missing authentication middleware.
Solution:
Ensure authentication middleware is added before authorization:
Verify the same authentication scheme is used:
Check that cookies are being sent in Studio API calls (browser DevTools → Network tab)
Issue 2: Infinite Login Redirect Loop
Symptom: Navigating to Studio redirects to login, which redirects back to Studio, which redirects to login again.
Cause: Login path is not excluded from authorization requirements.
Solution:
Allow anonymous access to login/logout pages:
Or use [AllowAnonymous] attribute on login page:
Issue 3: Missing Bearer Token in API Calls
Symptom: In a separate services setup, Studio doesn't send authentication token to Elsa Server.
Cause: Token forwarding not configured.
Solution:
Configure Studio to forward authentication:
Implementation: Separate Services Pattern
When running Elsa Server and Studio as separate services, additional configuration is required.
Elsa Server Configuration
Elsa Studio Configuration
CORS Configuration
When Studio and Server are on different domains, configure CORS properly:
Elsa Server (appsettings.json):
Elsa Server (Program.cs):
Troubleshooting Common Issues
Login/401 Issues
Problem: Studio loads but shows "Unauthorized" or redirects to login repeatedly.
Diagnosis:
Check browser DevTools → Network tab
Look at API calls from Studio to Elsa Server
Check response status codes and headers
Common Causes:
Mismatched authentication scheme:
Studio uses cookies, Server expects Bearer tokens
Fix: Align both to use the same scheme
Authentication middleware missing or in wrong order:
CORS blocking credentials:
Token/Cookie Not Forwarded
Problem: User is authenticated in Studio, but API calls don't include authentication.
Solution: Configure HTTP client to forward authentication:
Minimal Conceptual Example
Here's a complete minimal example of a Blazor Server app with Elsa Studio:
Program.cs:
Security Considerations
For production deployments, follow security best practices:
Always use HTTPS: Never transmit authentication tokens over HTTP
Configure CORS restrictively: Only allow known Studio origins
Use short-lived tokens: Configure appropriate token lifetimes
Implement RBAC: Restrict workflow design to authorized users only
Audit access: Log all workflow modifications
For detailed security configuration, see:
Disable Auth in Dev (development only)
Next Steps
Customize Studio: Configure themes, localization, and plugins
Add Custom Activities: Extend workflow designer with Custom Activities
Deploy to Production: Follow Kubernetes Deployment guide
Integrate with Identity Provider: Set up External Identity Providers
Run Workflows: Learn about Running Workflows
Related Documentation
Last Updated: 2025-12-02 Addresses Issues: #87
Last updated