Hoping someone can help me out.
We have a .NET 8 Blazor web site (ServerPrerendered) with web pages that have to use OpenIdConnectDefaults.AuthenticationScheme so users logged into the company's SSO can reach the pages.
Now we are adding a new controller with API endpoints that have to use JwtBearerDefaults.AuthenticationScheme so another system can make calls to those endpoints.
Here is what we have in Program.cs:
```csharp
var builder = WebApplication.CreateBuilder(args);
Workflow.Startup(builder.Configuration);

builder.Services.AddControllersWithViews(options =>
{
    var policy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .Build();
    options.Filters.Add(new AuthorizeFilter(policy));
    options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
});

builder.Services.AddSingleton(userController => new UserController())
    .AddSingleton(logController => new LoggingController())
    .AddSingleton(adminController => new AdminController())
    .AddSingleton(recordController => new RecordController())
    .AddSingleton(storageController => new StorageController())
    .AddSingleton(svfRecordController => new SvfRecordController());

builder.Services.AddHttpContextAccessor();

// Add services to the container.
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApi(builder.Configuration.GetSection("ApiAzureAd"));

builder.Services.AddControllersWithViews()
    .AddMicrosoftIdentityUI();

builder.Services.AddAuthorization(options =>
{
    // By default, all incoming requests will be authorized according to the default policy
    options.FallbackPolicy = options.DefaultPolicy;
});

builder.Services.AddRazorPages();
builder.Services.AddServerSideBlazor()
    .AddMicrosoftIdentityConsentHandler();

builder.Services.AddBlazorBootstrap();

// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

var app = builder.Build();

// this allows the IP Address of the caller to be obtained for logs, from here : https://stackoverflow.com/questions/28664686/how-do-i-get-client-ip-address-in-asp-net-core
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}
else
{
    app.UseSwagger();
    app.UseSwaggerUI();
}

app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.MapBlazorHub();
app.MapFallbackToPage("/_Host");
app.Run();
```

When I comment out the OpenIdConnectDefaults.AuthenticationScheme lines, the API is able to be called (via Postman), but the web pages all get 401s (no rendering code reached).
When I comment out the JwtBearerDefaults.AuthenticationScheme lines, the web pages function fine, but the API cannot accept requests.
Is there a way to have both work?
Thanks in advance!
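
One way to run both schemes side by side, as an added example that is not part of the original post: keep OpenID Connect as the single default scheme, register the bearer handler without a default, and select it explicitly on the API controller. The controller name `RecordsApiController` and the route `api/records` are assumptions; the `AzureAd` and `ApiAzureAd` configuration sections are the ones named in the post.

```csharp
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Identity.Web;

var builder = WebApplication.CreateBuilder(args);

// OpenID Connect is the only *default* scheme, so pages keep the SSO flow.
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));

// Parameterless AddAuthentication() registers the bearer handler without
// replacing the default scheme set above.
builder.Services.AddAuthentication()
    .AddMicrosoftIdentityWebApi(builder.Configuration.GetSection("ApiAzureAd"));

builder.Services.AddAuthorization(options =>
{
    // Endpoints with no [Authorize] metadata still require an authenticated user.
    options.FallbackPolicy = options.DefaultPolicy;
});
builder.Services.AddControllersWithViews(options =>
    options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()));

var app = builder.Build();
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();

// Hypothetical API controller (name and route are assumptions).
[ApiController]
[Route("api/records")]
// Authenticate this controller with the bearer handler only: a missing or
// invalid token gets a 401 instead of a redirect to the SSO login page.
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
// Callers send a token, not a browser cookie, so they have no antiforgery
// token; without this the global antiforgery filter rejects their POSTs.
[IgnoreAntiforgeryToken]
public class RecordsApiController : ControllerBase
{
    [HttpPost]
    public IActionResult Create() => Ok(new { caller = User.Identity?.Name });
}
```

Leave the pages and Blazor hub without a scheme-specific attribute so they continue to authenticate through the default OpenID Connect scheme.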