I have been having issues on a good/correct way to do authentication within a Blazor Web Assembly app. I understand they scaffold MVC on the server to do manage this currently and based on the blog posts it does appear they are adding some token authentication but I am still not sure how to make this into a full Blazor application.

My goal is to have the server only be the API endpoint that a front end can gain access to. If I use the authentication scaffold provided am I able to still use that for an API call from a phone app? Secondly if I want to make user accounts local and allow them third party logins I am confused on how to do this, I knew how to do it in MVC and it has stayed the same for the most part but again I would prefer to have everything within the same framework (Blazor) where all calls interact very similarly.

In the link above they mention a few new methods.

builder.Services.AddApiAuthorization();

// Add IdentityServer with support for API authorization
services.AddIdentityServer()
    .AddApiAuthorization<ApplicationUser, ApplicationDbContext>();

// Add JWT authentication
services.AddAuthentication()
    .AddIdentityServerJwt();

Which I am a little confused in understanding the process and how things are managed, can we use this process to run a rest method to login the user as an API endpoint? I have mostly used MVC as my web development process and have done little in SPA, but something is throwing me off here.