Blazor WebClient Server Appsettings

This page lists all settings found in the appsettings.json file for the Blazor WebClient Server.

ClientBlazor WebClient Server

The appsettings.json file is located in the following directory: ..\<AMT root>\Apps\<Application>\ClientBlazor\WebClient\Server\.

Settings

The appsettings file is (sub-)divided into the following sections.

RuntimeBehaviour

Sets the runtime behaviour to either Lion, Cobol or Natural.
For AMT Lion applications this should be set to Lion.

HttpRequestTimeout

The HTTP request timeout in seconds.

KeepAliveInterval

The number of seconds between keepalive calls to the client, the default value is 60.

MaxRequestLength

By default the maximum size of data uploaded to the AMT Blazor WebClient is limited to 10240 kilobytes (10 megabytes) per HTTP request.
To increase the upload size, for instance to allow for larger files to be uploaded via the File uploader control, the MaxRequestLength setting can be increased.
Note that this setting limits the whole HTTP request, not just the file(s) to be uploaded, meaning that the limit should be set higher than the maximum intended file size.

This setting controls the upload limit in kilobytes, it is a 32 bit integer which limits the setting to a maximum value of 2147483647.

Theme

Theme: The name of the folder located in wwwroot\app_themes which contains custom theme CSS files that will be used for the styling of the Web Application.
NoDefaultTheme: When set to true, the default CSS files will not be loaded. Default is false.

Creating a Custom Application Theme in a Blazor WebClient

HideMainMenu

When set to true, the Menu bar at the top of the application will be hidden. (AMT Lion only)

IsVSApplication

If an application is an AMT for CSharp application (Visual Studio) that uses static webpages, this setting should be set to true.

LoadAndRun

The LoadAndRun JavaScript script is a customer specific customization created during migration which can modify the values to and from an AMT web client form by hooking into a form at certain loading stages on runtime. The LoadAndRun script can be enabled with these settings.

ObjectFields: The names of the object fields which must be present in the form for the LoadAndRun script to hook into.
LoadAndRun: Setting the value to "true" will enable the LoadAndRun script for the application.
LoadAndRunJs: The name and location of the script relative to the wwwroot\scripts folder of the web client.

Customize

If a client specific customize JavaScript script was created for an application during migration, it can be enabled with these settings.

LoadCustomize: Setting the value to "true" will enable the customize script for the application.
CustomizeJs: The name and location of the script relative to the wwwroot\scripts folder of the web client.

AdditionalErrorDetails

When set to true, the AmtExceptionPage provides additional error information.

Additional Javascripts

These options can be set if additional javascript files are required in the Web Client.

LoadAdditionalJavascripts: Setting the value to "true" will activate the javascript files set in the AdditionalJavascripts setting.
AdditionalJavascripts: The location of the scripts relative to the wwwroot\scripts folder of the web client, multiple scripts can be entered if separated by a semicolon (;). The .js file extension should not be included.

UseNotifyBar

UseNotifyBar enables or disables a notification bar in the web client.
When messages are send to the station of a user, a notification bar will appear to display the message and disappear after a set time. The default value is true.
With NotifyBarTime the default visibility duration of the bar can be changed by setting a time in seconds, the default value is 120 seconds (2 minutes).
Alternatively the notification bar can be closed manually by clicking the close button on the bar.

BlazorWebApi

Settings needed to communicate with the Blazor WebAPI.

Protocol: The protocol to be used for the Blazor WebAPI, either Https or Http.
Domain: This setting should contain the URL of the Blazor WebApi website without the protocol prefix.
Port: Set to 0 for normal operations. Other values are used for debugging.
The port setting is used when debugging Blazor locally without IIS. Set to 0 when hosted on IIS.

AuthenticationType

The authentication type used to log into the Blazor WebClient, the only valid option is "OIDC" (OpenID Connect).

AmtOIDC - OIDC

This section holds the settings for OpenID Connect authentication.

• ClientId - The client ID of the application.
• Authority - The OIDC authority URL
• Scope - The scopes to request from the authorization server to allow access tokens to be used to call other resource servers (e.g. CC, AC or Blazor APIs).
• ClientSecret - The client secret of the application, not applicable if client assertion is enabled.
• TokenValidationParameters:
  • NameClaimType - The claim type that will be used to identify the user. Commonly preferred_username is used as claim type.
    The claim type must be identical to the claim type set in the Blazor WebAPI appsettings.
• RequireHttpsMetadata - If true then HTTPS is required for the authority. The default is true. This should be disabled only in development environments.

AmtOIDC - CookieAuthenticationOptions

The 'CookieAuthenticationOptions' section holds settings for the cookie used for user authentication.

• Name - Name of the authentication cookie that will be used to store the identity token.
• Domain - The domain of the authentication cookie.
• Path - The path of the authentication cookie.
• SameSite - SameSite policy of the authentication cookie. Should be set to None if the application is used in an iframe.
  Allowed values are: Undefined the default value which does not set a SameSite field, None to disable SameSite restrictions, Lax to send the cookie with "same-site" requests and with "cross-site" top-level navigations, and Strict to only send the cookie with "same-site" requests.

AmtOIDC

This section holds the remaining OpenID Connect options.

• DisableRefreshTokens - Set to true to disable the refresh of tokens. Defaults to false.
• RefreshThreshold - The refresh threshold in seconds if enabled. If tokens expire within the configured threshold, the tokens will be refreshed. Defaults to 60 seconds.
• EnableClientAssertion - Set to true to enable client assertion. Defaults to false. If true, a signed token will be used to authenticate users instead of a client secret.
• ClientAssertionAlgorithm - The algorithm used to sign the token to be used as client assertion. Defaults to RS256.
• CertificateConfig - This section must be set if client assertion is enabled. See CertificateConfig.

AmtOIDC - CertificateConfig

Configuration options for the certificate used to sign the client assertion. This section can be left out if client assertion is disabled.

• AllowInvalid - Set to true if invalid certificates should be allowed. Defaults to false.
• Subject - The subject of the certificate.
• StoreName - The name of the store where the certificate is located. Defaults to 'MY'.
• StoreLocation - The location of the store where the certificate is located. Defaults to 'CurrentUser'.
• Path - The path to the certificate file.
• Password - The password for the certificate. Only necessary when loading the certificate from base64 or file.

Logging

Sets the logging levels for the various ASP.NET Core components of the web application. These settings do not need be adjusted in a normal situation.
The allowed log levels are, from most to least detailed: Trace, Debug, Information, Warning, Error, Critical and None.

AllowedHosts

In the AllowedHosts section, access to the web application can be restricted to specific hostnames.
The value is a semicolon-delimited list of host names without port numbers.
By default all hostnames are allowed by the asterisk (*) wildcard.
Disallowed users will get a HTTP 400 error code (Bad Request).