Aspnet Core Identity management always returning me to the login page

Question

In My application my account manage page is not working I am trying to go to the following.

https://localhost:5001/Identity/Account/Manage

Which is where the pages for identy manage should be according to my scaffolding, i have changed the code to ensure it points to my ApplicaitonUser Class but for some reason when i access that page its throwing me back to the login even though I have logged in with the login page.

I have configured my start-up class as such

services.AddIdentity<ApplicationUser, IdentityRole>(config =>
{
    config.SignIn.RequireConfirmedEmail = true;
    config.Tokens.AuthenticatorTokenProvider = TokenOptions.DefaultAuthenticatorProvider;
    config.User.RequireUniqueEmail = true;

})
    .AddRoles<IdentityRole>()
    .AddEntityFrameworkStores<MSFSAddonDBContext>()
    .AddDefaultTokenProviders()
    .AddDefaultUI()
    .AddRoles<IdentityRole>();

services.AddScoped<IUserClaimsPrincipalFactory<ApplicationUser>,
AdditionalUserClaimsPrincipalFactory>();
services.AddSession(opts =>
{
    opts.Cookie.IsEssential = false; // make the session cookie Essential
});

Ensuring that the cookie warning is disable as I Believe it can cause issues if not setup yet. I have also enabled MFA using the following code.

services.ConfigureApplicationCookie(config =>
{
    config.Cookie.Name = "Identity.Cookie";
    config.LoginPath = "/Identity/Account/Login";
});

services.AddAuthorization(options =>
options.AddPolicy("TwoFactorEnabled",
 x => x.RequireClaim("amr", "mfa")));
services.AddAntiforgery(o => o.HeaderName = "XSRF-TOKEN");

The cookie is being created in edge in the debug tabs so I no its being created any idea why my code is refusing to go to the management page I am trying to follow the guide here.

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/mfa?view=aspnetcore-5.0

For complete here is my configure settings

app.UseHttpsRedirection();
app.UseStaticFiles();
        
app.UseRouting();

app.UseAuthorization();
app.UseAuthentication();


app.UseEndpoints(endpoints =>
{
    endpoints.MapControllerRoute(
    name: "areas",
    pattern: "{area:exists}/{controller=Home}/{action=Index}/{id?}");


    endpoints.MapControllerRoute(
        name: "default",
        pattern: "{controller=Home}/{action=Index}/{id?}");
    endpoints.MapRazorPages();
});

Answer 1

My issue was I had AddDefaultUI which over ride the path so the page was never being found. Leaving this herre for anyone else this is asp.net core 5.

Answer 2

The template-generated app doesn't use authorization. app.UseAuthorization is included to ensure it's added in the correct order should the app add authorization. UseRouting, UseAuthentication, UseAuthorization, and UseEndpoints must be called in the order shown in the preceding code.

reference: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?source=recommendations&view=aspnetcore-3.1&tabs=netcore-cli