This is a Blazor Web App using global server interactivity on .NET 10.
I use our internal Windows Active Directory to assign custom roles, which I have not experienced a problem with. However, after adding a new custom identity with the transformer, my <AuthorizeView> component fails with "The trust relationship between the primary domain and the trusted domain failed". I have experienced this before with non-Blazor apps when trying to read an AD group that doesn't exist, so I believe the custom role claim I am adding is not being picked up.
I have the following custom claims transformer, stripped down to forcibly apply the Admin role:
    using Microsoft.AspNetCore.Authentication;
    using System.Security.Claims;

    namespace MyApp
    {
        public class ClaimsTransformer : IClaimsTransformation
        {
            public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
            {
                // Append a second identity that carries only the Admin role claim
                var customIdentity = new ClaimsIdentity();
                customIdentity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));
                principal.AddIdentity(customIdentity);
                return Task.FromResult(principal);
            }
        }
    }

I am then injecting this claims transformer in my startup; the full startup is as follows:
    using MyApp;
    using MyApp.Components;
    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Authentication.Negotiate;

    var builder = WebApplication.CreateBuilder(args);

    // Add services to the container.
    builder.Services.AddRazorComponents()
        .AddInteractiveServerComponents();

    // Add authentication
    builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
        .AddNegotiate();

    // Register the transformer
    builder.Services.AddTransient<IClaimsTransformation, ClaimsTransformer>();

    // Required for use in <AuthorizeView> apparently?
    builder.Services.AddCascadingAuthenticationState();

    // Policy for the <AuthorizeView> to use
    builder.Services.AddAuthorizationBuilder()
        .AddPolicy("AdminPolicy", policyBuilder =>
        {
            policyBuilder.RequireAuthenticatedUser();
            policyBuilder.RequireRole("Admin");
        });

    var app = builder.Build();

    // Configure the HTTP request pipeline.
    if (!app.Environment.IsDevelopment())
    {
        app.UseExceptionHandler("/Error", createScopeForErrors: true);
        // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
        app.UseHsts();
    }

    app.UseStatusCodePagesWithReExecute("/not-found", createScopeForStatusCodePages: true);

    app.UseHttpsRedirection();

    app.UseAntiforgery();
    app.MapStaticAssets();

    app.UseAuthentication();
    app.UseAuthorization();

    app.MapRazorComponents<App>()
        .AddInteractiveServerRenderMode();

    app.Run();

Then, to test, I simply have it set up in my Home.razor component:
    <Microsoft.AspNetCore.Components.Authorization.AuthorizeView Policy="AdminPolicy">
        <Authorized>
            <p>Admin</p>
        </Authorized>
        <NotAuthorized>
            <p>Not Admin</p>
        </NotAuthorized>
    </Microsoft.AspNetCore.Components.Authorization.AuthorizeView>
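As an added example (not part of the post above), the following console check runs the post's transformer and the same "AdminPolicy" against a plain ClaimsPrincipal built in memory, so the policy evaluation can be observed on its own, without the Negotiate handler or any domain lookup in the path. It assumes a console project with a FrameworkReference to Microsoft.AspNetCore.App; the user name and the ServiceCollection wiring are constructed for the example.

```csharp
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.DependencyInjection;

// Same transformer as in the question: appends a second identity carrying a role claim.
public class ClaimsTransformer : IClaimsTransformation
{
    public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        var customIdentity = new ClaimsIdentity();
        customIdentity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));
        principal.AddIdentity(customIdentity);
        return Task.FromResult(principal);
    }
}

public static class PolicyCheck
{
    // Builds a minimal DI container with the same AdminPolicy as Program.cs,
    // applies the transformer, and asks IAuthorizationService for a verdict.
    public static async Task<bool> EvaluateAdminPolicyAsync(ClaimsPrincipal user)
    {
        var services = new ServiceCollection();
        services.AddLogging(); // DefaultAuthorizationService needs an ILogger
        services.AddAuthorizationCore(options =>
            options.AddPolicy("AdminPolicy", p =>
            {
                p.RequireAuthenticatedUser();
                p.RequireRole("Admin");
            }));
        services.AddTransient<IClaimsTransformation, ClaimsTransformer>();
        using var provider = services.BuildServiceProvider();

        var transformed = await provider.GetRequiredService<IClaimsTransformation>().TransformAsync(user);
        var result = await provider.GetRequiredService<IAuthorizationService>().AuthorizeAsync(transformed, "AdminPolicy");
        return result.Succeeded;
    }

    public static async Task Main()
    {
        // Constructed sample user: authenticated (has an authentication type) but with
        // no role claims of its own, so only the transformer can satisfy RequireRole.
        var identity = new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.Name, @"EXAMPLE\alice") }, "Negotiate");
        var allowed = await EvaluateAdminPolicyAsync(new ClaimsPrincipal(identity));
        Console.WriteLine(allowed ? "Admin" : "Not Admin");
    }
}
```

If this prints "Admin" while the Blazor app does not, the role claim itself is being picked up by the policy, and the difference lies in what the Negotiate handler supplies as the principal rather than in the transformer or policy definition.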