After quite a lot of fiddling to get things working. OIDC authentication is at least getting back to the home page. But now it shows a message saying it is not configured with a link to the about page where I see a big old error.

The summary error is:

The provided identity of type 'System.Security.Claims.ClaimsIdentity' is marked IsAuthenticated = true but does not have a value for Name. By default, the antiforgery system requires that all authenticated identities have a unique Name. If it is not possible to provide a unique Name for this identity, consider extending IAntiforgeryAdditionalDataProvider by overriding the DefaultAntiforgeryAdditionalDataProvider or a custom type that can provide some form of unique identifier for the current user.

I am using an app registration from Azure AD to authenticate. Is there a specific setting I need to adjust in AAD to make this work ?

Here is the relevant config

 "Security": {
 "provider": "OIDC",
 "apiKey": "",
 "viewEverythingGroups": "Domain Admins",
 "adminEverythingGroups": "Domain Admins",
 "scopes": [
 "email"
 ],
 "clientId": "<client Id>",
 "clientSecret": "<client secret>",
 "authorizationUrl": "https://login.microsoftonline.com/<tenant Id>/oauth2/v2.0/authorize",
 "accessTokenUrl": "https://login.microsoftonline.com/<tenant Id>/oauth2/v2.0/token",
 "userInfoUrl": "https://graph.microsoft.com/oidc/userinfo"
 },

Any ideas on what I might have mis-configured?

To be honest it was a bit of a chore getting this far. The documentation on this is a bit sparse.

Thanks

Mark