I'm working on a project for a financial application and after a lot of thought decided to create a web API (using JWT) and, initially, a Blazor frontend. Eventually we will add mobile apps.
So my first idea was to use Blazor WASM. Then thinking about how to secure the API from brute force attacks I realized that HttpClient will run on the client machine so we can't restrict access to the API by IP address.
It seams that Blazor Server is a better option.
What do you think?

