The default Asp.Net Core templates allow you to deploy Duende IdentityServer for individual accounts authentication. Specifically for Blazor Wasm hosted solutions, the default templates will add IdentityServer to the server hosted project and the relevant libraries to wasm to redirect to the server app for authentication and identity management (2fa, password reset , etc) One issue I'm facing is the fact that I cannot enable WASM prerender and from what I understand BFF can be a solution to this issue, with enhanced security since token will be maintained at the backend.
The question is whether IdentityServer and BFF can be hosted on the same project on the backend or if I'll have to host them in 2 separate project and hence to separate services.
I tried adding BFF libraries on the same project but it seems that the identity endpoints are overridden by those coming from IdentityServer
You can always place both the BFF, client, and APIs on the same box as IdentityServer, but in my experience, that makes it complicated to debug and reason about with all the involved handlers, functionality, cookies, and other concepts.
I always recommend that place IdentityServer in its own service, just because then you reduce complexity, you achieve separations of concerns, and it becomes much more trivial to debug and reason about it.