azure-active-directory blazor-client-side

ASP.NET Core Hosted Blazor WebAssembly with Azure AD authentication - Separate app registrations for server and client apps


I am trying to create an ASP.NET Core Hosted Blazor WebAssembly app with Azure AD authentication. As per this document, Microsoft suggests creating separate app registrations for the server API and the client app.

My question is: is it possible to use the same client ID instead of the 2 separate ones mentioned in the document, since it really is 1 project/artifact (containing the static Blazor site + web API) that will be deployed into Azure? Will there be an issue if only 1 app registration is used?


Solution

  • There shouldn't be an issue. The one thing I was thinking of that could have issues was the on-behalf-of flow but the article says basically no issues: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow#use-of-a-single-application.

    The new application model allows an app registration to have multiple platforms in it, so you can register reply URLs for desktop apps, mobile apps and API scopes all in the same app.

    There might be some weird corner cases if it is a multi-tenant application, but if it is single-tenant there should be no issues with using a single app.
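
The single-registration setup discussed above, sketched as the client project's `Program.cs`. This is an added example, not code from the question, the answer or Microsoft's documentation. The tenant and client IDs are placeholders, and the `API.Access` scope name, the `Hosted.ServerAPI` client name and the template's `App` root component are assumptions.

```csharp
// Client/Program.cs of a hosted Blazor WebAssembly app using ONE app registration.
// Assumed registration layout (not taken from the page):
//   - "Single-page application" platform with the app's redirect URI
//   - "Expose an API" with Application ID URI api://<client-id> and a scope API.Access
//   - "Supported account types" set to single tenant
using System;
using System.Net.Http;
using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
using Microsoft.Extensions.DependencyInjection;

const string tenantId = "<tenant-id>";   // placeholder
const string clientId = "<client-id>";   // placeholder: the one registration's ID

var builder = WebAssemblyHostBuilder.CreateDefault(args);
builder.RootComponents.Add<App>("#app"); // App: root component from the project template

// Attach access tokens only to calls that go back to the hosting server.
builder.Services
    .AddHttpClient("Hosted.ServerAPI",
        c => c.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
    .AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();
builder.Services.AddScoped(sp =>
    sp.GetRequiredService<IHttpClientFactory>().CreateClient("Hosted.ServerAPI"));

builder.Services.AddMsalAuthentication(options =>
{
    var auth = options.ProviderOptions.Authentication;
    // Tenant-specific authority: keeps sign-in single-tenant, the case the
    // answer says is free of corner cases.
    auth.Authority = $"https://login.microsoftonline.com/{tenantId}";
    auth.ClientId = clientId;
    auth.ValidateAuthority = true;

    // The requested scope lives under the SAME client ID, so the token's
    // audience is this registration itself rather than a second "server" app.
    options.ProviderOptions.DefaultAccessTokenScopes
        .Add($"api://{clientId}/API.Access");
});

await builder.Build().RunAsync();

// Server side: the API's AzureAd:ClientId setting holds the same <client-id>,
// so the audience it validates is the registration the client signed in with.
```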