Currently this is handled by https://github.com/dotnet/aspnetcore/blob/bd1ba76c34a598bb6f10ee184aa5f25689d83c65/src/Components/WebAssembly/Server/src/AuthenticationStateSerializer.cs#L16 https://github.com/dotnet/aspnetcore/blob/bd1ba76c34a598bb6f10ee184aa5f25689d83c65/src/Components/WebAssembly/WebAssembly.Authentication/src/Services/DeserializedAuthenticationStateProvider.cs#L14 We want to use the same approach we follow with antiforgery.