Blazor Server + Identity: SignInManager.SignInAsync doesn't persist login (cookie not set)

I'm building a Blazor Server app (.NET 9, Identity + Entity Framework Core + MudBlazor). I have a custom login form and I want to authenticate the user manually using SignInManager.

I'm using this method to log in:

private async Task RegoLogin(){   isBusy = true;   LoginResultRego = true;   try   {       // Try to find the user by email or username       ApplicationUser user = RegoBenutzer.Contains('@')           ? await UserManager.FindByEmailAsync(RegoBenutzer)           : await UserManager.FindByNameAsync(RegoBenutzer);       if (user == null)       {           Console.WriteLine("❌ User does not exist.");           LoginResultRego = false;           return;       }       // Step 1: Check if the password is valid (does NOT create authentication cookie)       var result = await SignInManager.CheckPasswordSignInAsync(user, RegoKennwort, lockoutOnFailure: false);       if (result.Succeeded)       {           // Step 2: Perform the actual sign-in (this creates the auth cookie)           await SignInManager.SignInAsync(user, isPersistent: false);           // Step 3: Optionally store user in shared state (if needed)           SharedDataService.LoggedInUser = user;           // Step 4: Conditional redirect           if (user.MustChangePassword)           {               Navigation.NavigateTo("/change-password", forceLoad: true);           }           else           {               Navigation.NavigateTo("/dashboard", forceLoad: true);           }       }       else       {           Console.WriteLine("❌ Invalid login attempt.");           Console.WriteLine($"🔎 Details: IsLockedOut={result.IsLockedOut}, IsNotAllowed={result.IsNotAllowed}, Requires2FA={result.RequiresTwoFactor}");           LoginResultRego = false;       }   }   catch (Exception ex)   {       Console.WriteLine($"❌ Exception occurred during login: {ex.Message}");       LoginResultRego = false;   }   finally   {       isBusy = false;   }}

✅CheckPasswordSignInAsync() returns Succeeded = true, so the credentials are valid.

❌ But after calling SignInManager.SignInAsync(...), the user is still not authenticated: pages with [Authorize] redirect me back to the login page.

The user is not authenticated in AuthenticationStateProvider. No auth cookie seems to be written in the browser.

What I've tried:

• Ensured UseAuthentication() and UseAuthorization() are in the correct order in Program.cs.
• Set AuthenticationStateProvider to RevalidatingIdentityAuthenticationStateProvider<ApplicationUser>
• Cookie options are set via ConfigureApplicationCookie to have / as login path.
• Verified that User.Identity.IsAuthenticated is false after sign-in.
• Tried using PasswordSignInAsync(...) instead — same problem.

Questions

• Why doesn't SignInAsync(user, isPersistent: false) set the cookie?

• Is there a special requirement to use it inside Blazor Server components?

• How can I manually sign in the user and make [Authorize] pages work reliably?

Setup:

• ASP.NET Core 9
• Blazor Server (not web assembly)
• Entity Framework Core with PostgreSQL
• Identity: AddIdentity<ApplicationUser, IdentityRole>()

Thanks for your help!