Add ME External ID guidance

[guardrex]

Fixes #35424

cc: @danroth27 ... I'm adding External ID to our BWA+Entra article to go with config notes in the sample apps. I intend to get a review from Stephen and get this merged ASAP to move on 🏃‍♂️.

Stephen ......

• The samples were updated with commented-out guidance for External ID on Add External ID config to Entra samples blazor-samples#633. Here's an example of what that looks like ... https://github.com/dotnet/blazor-samples/blob/main/10.0/BlazorWebAppEntra/BlazorWebAppEntra/Program.cs#L45-L67 ... and I made that entry for the BFF and non-BFF samples for 9.0 and 10.0.
• I'm not sure if there's anything in particular that I need to do for a Workforce tenant here. If you think there is, I think I'll need to open a new issue and work on it separately, as I'm 🏃‍♂️ now to get back to wrapping up 10.0 NIT work items.
• I'm also not seeking to work the Options pattern into our BWA+Entra coverage at this time. If you want me to add an Options-based config approach (section) to the article, then that also would have to go on a new issue, probably to be worked sometime in '26 ... and it might be later in '26 because I have other high priority doc work to do in early '26 (main doc set article overhauls).
• I don't have any gotchas 😈 to add beyond what we already cover for "Debugger breaks on an exception during logout with Microsoft Entra External ID" in the Common Errors section. If you have additional troubleshooting coverage for this scenario ... or you have something to change with that existing entry, I'm 👂 for it here.

---

Internal previews

📄 File	🔗 Preview link
aspnetcore/blazor/security/additional-scenarios.md	aspnetcore/blazor/security/additional-scenarios
aspnetcore/blazor/security/blazor-web-app-with-entra.md	aspnetcore/blazor/security/blazor-web-app-with-entra
aspnetcore/blazor/security/blazor-web-app-with-oidc.md	aspnetcore/blazor/security/blazor-web-app-with-oidc
aspnetcore/blazor/security/webassembly/additional-scenarios.md	aspnetcore/blazor/security/webassembly/additional-scenarios

[Copilot]

Pull Request Overview

This PR adds comprehensive guidance for Microsoft Entra External ID authentication to Blazor Web Apps and makes consistency improvements across the Blazor security documentation. The changes address issue #35424 by providing configuration examples and patterns specifically for External ID tenants alongside existing ME-ID and B2C tenant guidance.

Key changes:

• Adds new Microsoft Entra External ID configuration sections with authority URLs (https://{DIRECTORY_NAME}.ciamlogin.com/{TENANT_ID}/v2.0) and audience patterns
• Removes trailing slashes from all Authority URLs for consistency with current Microsoft Identity Platform requirements
• Adds B2C deprecation notice with sunset timeline (support ending 2030 for existing customers)
• Standardizes array syntax in code examples by removing spaces ([] instead of [ ])

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File	Description
aspnetcore/blazor/security/blazor-web-app-with-entra.md	Added comprehensive External ID tenant configuration sections for both BFF and non-BFF patterns; updated Authority URL formats; added B2C deprecation notice; updated array syntax
aspnetcore/blazor/security/blazor-web-app-with-oidc.md	Removed trailing slashes from Authority URLs in ME-ID, AAD B2C, and common authority examples; added External ID patterns to authority and audience format lists
aspnetcore/blazor/security/additional-scenarios.md	Removed trailing slash from common authority URL in app settings example
aspnetcore/blazor/security/webassembly/additional-scenarios.md	Removed trailing slash from common authority URL in app settings example