Authorize everywhere solution breaks OIDC

### Description

I could be missing something, but it seems like this solution doesn't work for the MS OpenIdConnect libraries for ASP.NET:

```csharp
var requireAuthPolicy = new AuthorizationPolicyBuilder()
    .RequireAuthenticatedUser()
    .Build();

builder.Services.AddAuthorizationBuilder()
    .SetFallbackPolicy(requireAuthPolicy);
```

When I used this, it seemed to cause the built-in OIDC endpoint(s) to require authorization, causing an infinite loop.


### Page URL

https://learn.microsoft.com/en-us/aspnet/core/security/authentication/configure-oidc-web-authentication?view=aspnetcore-9.0

### Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/security/authentication/configure-oidc-web-authentication.md

### Document ID

5d97b8bb-6505-9268-efbc-33fc2c02f4d8

### Article author

@damienbod

### Metadata

* ID: 5d97b8bb-6505-9268-efbc-33fc2c02f4d8 
* Service: **aspnet-core**
* Sub-service: **security**

[Related Issues](https://github.com/dotnet/AspNetCore.Docs/issues?q=is%3Aissue+is%3Aopen+5d97b8bb-6505-9268-efbc-33fc2c02f4d8)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Authorize everywhere solution breaks OIDC #34543

Description

Page URL

Content source URL

Document ID

Article author

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Authorize everywhere solution breaks OIDC #34543

Description

Description

Page URL

Content source URL

Document ID

Article author

Metadata

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions