Blazor WASM security: Distinguish Kestrel & IIS ports (#18390)

Author: guardrex

aspnetcore/security/blazor/webassembly/hosted-with-azure-active-directory-b2c.md

@@ -65,15 +65,15 @@ Follow the guidance in [Tutorial: Register an application in Azure Active Direct
 1. In **Azure Active Directory** > **App registrations**, select **New registration**.
 1. Provide a **Name** for the app (for example, **Blazor Client AAD B2C**).
 1. For **Supported account types**, select the multi-tenant option: **Accounts in any organizational directory or any identity provider. For authenticating users with Azure AD B2C.**
-1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:5001/authentication/login-callback`
+1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:{PORT}/authentication/login-callback`. The default port for an app running on Kestrel is 5001. For IIS Express, the randomly generated port can be found in the Server app's properties in the **Debug** panel.
 1. Confirm that **Permissions** > **Grant admin concent to openid and offline_access permissions** is enabled.
 1. Select **Register**.
 
 Record the Application ID (Client ID) (for example, `11111111-1111-1111-1111-111111111111`).
 
 In **Authentication** > **Platform configurations** > **Web**:
 
-1. Confirm the **Redirect URI** of `https://localhost:5001/authentication/login-callback` is present.
+1. Confirm the **Redirect URI** of `https://localhost:{PORT}/authentication/login-callback` is present.
 1. For **Implicit grant**, select the check boxes for **Access tokens** and **ID tokens**.
 1. The remaining defaults for the app are acceptable for this experience.
 1. Select the **Save** button.

aspnetcore/security/blazor/webassembly/hosted-with-azure-active-directory.md

@@ -62,15 +62,15 @@ Follow the guidance in [Quickstart: Register an application with the Microsoft i
 1. In **Azure Active Directory** > **App registrations**, select **New registration**.
 1. Provide a **Name** for the app (for example, **Blazor Client AAD**).
 1. Choose a **Supported account types**. You may select **Accounts in this organizational directory only** (single tenant) for this experience.
-1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:5001/authentication/login-callback`
+1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:{PORT}/authentication/login-callback`. The default port for an app running on Kestrel is 5001. For IIS Express, the randomly generated port can be found in the Server app's properties in the **Debug** panel.
 1. Disable the **Permissions** > **Grant admin concent to openid and offline_access permissions** check box.
 1. Select **Register**.
 
 Record the *Client app* Application ID (Client ID) (for example, `33333333-3333-3333-3333-333333333333`).
 
 In **Authentication** > **Platform configurations** > **Web**:
 
-1. Confirm the **Redirect URI** of `https://localhost:5001/authentication/login-callback` is present.
+1. Confirm the **Redirect URI** of `https://localhost:{PORT}/authentication/login-callback` is present.
 1. For **Implicit grant**, select the check boxes for **Access tokens** and **ID tokens**.
 1. The remaining defaults for the app are acceptable for this experience.
 1. Select the **Save** button.

aspnetcore/security/blazor/webassembly/standalone-with-azure-active-directory-b2c.md

@@ -29,15 +29,15 @@ Follow the guidance in [Tutorial: Register an application in Azure Active Direct
 1. In **Azure Active Directory** > **App registrations**, select **New registration**.
 1. Provide a **Name** for the app (for example, **Blazor Standalone AAD B2C**).
 1. For **Supported account types**, select the multi-tenant option: **Accounts in any organizational directory or any identity provider. For authenticating users with Azure AD B2C.**
-1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:5001/authentication/login-callback`
+1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:{PORT}/authentication/login-callback`. The default port for an app running on Kestrel is 5001. For IIS Express, the randomly generated port can be found in the app's properties in the **Debug** panel.
 1. Confirm that **Permissions** > **Grant admin concent to openid and offline_access permissions** is enabled.
 1. Select **Register**.
 
 Record the Application ID (Client ID) (for example, `11111111-1111-1111-1111-111111111111`).
 
 In **Authentication** > **Platform configurations** > **Web**:
 
-1. Confirm the **Redirect URI** of `https://localhost:5001/authentication/login-callback` is present.
+1. Confirm the **Redirect URI** of `https://localhost:{PORT}/authentication/login-callback` is present.
 1. For **Implicit grant**, select the check boxes for **Access tokens** and **ID tokens**.
 1. The remaining defaults for the app are acceptable for this experience.
 1. Select the **Save** button.

aspnetcore/security/blazor/webassembly/standalone-with-azure-active-directory.md

@@ -21,7 +21,7 @@ Register a AAD app in the **Azure Active Directory** > **App registrations** are
 
 1. Provide a **Name** for the app (for example, **Blazor Standalone AAD**).
 1. Choose a **Supported account types**. You may select **Accounts in this organizational directory only** for this experience.
-1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:5001/authentication/login-callback`
+1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:{PORT}/authentication/login-callback`. The default port for an app running on Kestrel is 5001. For IIS Express, the randomly generated port can be found in the app's properties in the **Debug** panel.
 1. Disable the **Permissions** > **Grant admin concent to openid and offline_access permissions** check box.
 1. Select **Register**.
 
@@ -32,7 +32,7 @@ Record the following information:
 
 In **Authentication** > **Platform configurations** > **Web**:
 
-1. Confirm the **Redirect URI** of `https://localhost:5001/authentication/login-callback` is present.
+1. Confirm the **Redirect URI** of `https://localhost:{PORT}/authentication/login-callback` is present.
 1. For **Implicit grant**, select the check boxes for **Access tokens** and **ID tokens**.
 1. The remaining defaults for the app are acceptable for this experience.
 1. Select the **Save** button.

aspnetcore/security/blazor/webassembly/standalone-with-microsoft-accounts.md

@@ -21,15 +21,15 @@ Register a AAD app in the **Azure Active Directory** > **App registrations** are
 
 1. Provide a **Name** for the app (for example, **Blazor Standalone AAD Microsoft Accounts**).
 1. In **Supported account types**, select **Accounts in any organizational directory**.
-1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:5001/authentication/login-callback`.
+1. Leave the **Redirect URI** drop down set to **Web**, and provide the following redirect URI: `https://localhost:{PORT}/authentication/login-callback`. The default port for an app running on Kestrel is 5001. For IIS Express, the randomly generated port can be found in the app's properties in the **Debug** panel.
 1. Disable the **Permissions** > **Grant admin concent to openid and offline_access permissions** check box.
 1. Select **Register**.
 
 Record the Application ID (Client ID) (for example, `11111111-1111-1111-1111-111111111111`).
 
 In **Authentication** > **Platform configurations** > **Web**:
 
-1. Confirm the **Redirect URI** of `https://localhost:5001/authentication/login-callback` is present.
+1. Confirm the **Redirect URI** of `https://localhost:{PORT}/authentication/login-callback` is present.
 1. For **Implicit grant**, select the check boxes for **Access tokens** and **ID tokens**.
 1. The remaining defaults for the app are acceptable for this experience.
 1. Select the **Save** button.