Asdamir Documentation¶

Welcome to the Asdamir documentation. Asdamir is a security-first application framework for .NET 10 + Blazor, delivered as four NuGet packages (Asdamir.Core, Asdamir.Data, Asdamir.Web, Asdamir.Tools) plus a reference management application (AppManagement).

New here? Start with Getting Started, then skim the Fundamentals for the building blocks you need.

Getting started¶

Page	What you'll learn
Getting Started	Install the packages, wire up `AddFramework()` / `UseFramework()`, and run your first app
Architecture	Platform topology, repository roles, two-tier RBAC, cross-app orchestration

Fundamentals¶

The framework is organized as composable building blocks. Each can be enabled independently via its Add… extension on IServiceCollection.

Page	Package	Summary
Modules	`Asdamir.Core`	Package features as self-registering `IModule`s with a managed lifecycle
Authentication	`Asdamir.Core` / `Asdamir.Web`	JWT issuance/validation, refresh-token rotation, two-factor (2FA)
Authorization	`Asdamir.Core` / `Asdamir.Web`	Permissions, policies, route authorization, two-tier RBAC
Multi-Tenancy	`Asdamir.Core`	Tenant resolution (claims/header) and the ambient `ITenantContext`
Validation	`Asdamir.Core`	FluentValidation, custom attributes, and the business-rule engine
Error Handling	`Asdamir.Core`	`Result`, RFC-7807 ProblemDetails, error translation, dead-letter queue
Data Access	`Asdamir.Data`	Dapper repositories over a multi-provider connection abstraction
Configuration & Feature Flags	`Asdamir.Data`	Database-backed dynamic configuration and feature toggles
Background Jobs	`Asdamir.Data`	Hangfire-based scheduling, execution and dashboard
Transactional Outbox	`Asdamir.Data`	Reliable mail/SMS delivery with retry, backoff and dead-lettering
Localization	`Asdamir.Web`	API-backed, multi-culture string localization with caching
Audit Logging	`Asdamir.Core` / `Asdamir.Web`	Capture security-relevant actions to an audit trail
Encryption	`Asdamir.Core`	AES-GCM encryption + PBKDF2 key derivation for data at rest
Observability	`Asdamir.Core` / API tiers	Serilog logs, correlation IDs, OpenTelemetry traces+metrics (incl. SQL/Dapper), health probes

Web & UI¶

Page	Summary
Web Security	CSP nonce, security headers, rate limiting, Data Protection, auto-logout
UI Components	The FluentUI Blazor component library (DataGrid, dialogs, charts, export…)

Tooling & operations¶

Page	Summary
CLI (`asdamir`)	Scaffolding, `audit lint`, `db apply` (journaled migrations), `secrets`
Web Security	CSP, headers, rate limiting (scale-out), Data Protection keys
Secret Management & Rotation	Secret inventory + EncryptionKey / Jwt:Key / client-secret rotation
Mobile App (MAUI)	MAUI Blazor Hybrid scaffold — login, nav drawer, offline cache

Conventions used in these docs¶

Code samples target .NET 10 and assume a top-level Program.cs.
IServiceCollection extensions are named Add…; pipeline (IApplicationBuilder) extensions are named Use….
Secrets are never read from appsettings.json — see Getting Started → Configuration.