user3900456 user3900456 - 1 year ago 440
ASP.NET (C#) Question

No authentication handler is configured to handle the scheme

This is a very annoying problem, I'm setting up cookies authentication on my core project and sometimes this error occurs and sometimes it doesn't!

There is no pattern! It just starts throwing the error and suddenly it stops, then start again...

The exception is:

InvalidOperationException: No authentication handler is configured to
handle the scheme: MyAuthScheme

This is really really annoying!
Here is my Startup.cs

public class Startup
public const string AuthenticationSchemeName = "MyAuthScheme";

public void ConfigureServices(IServiceCollection services)
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();


public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IHttpContextAccessor httpContextAccessor)

if (env.IsDevelopment())

app.UseCookieAuthentication(new CookieAuthenticationOptions
AuthenticationScheme = AuthenticationSchemeName,
LoginPath = new PathString("/login"),
AutomaticAuthenticate = true,
AutomaticChallenge = true,
SlidingExpiration = true,


And this is my authentication code:

await HttpContext.Authentication.SignInAsync(Startup.AuthenticationSchemeName, new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookie")));

any help on this?

Answer Source

I was facing this same issue and by digging into the source code, I discovered that for some reason, sometimes the IHttpAuthenticationFeature.Handler doesn't get set, and that's the reason why this error occurs. This is indeed very annoying and I fixed this issue by doing the following:

Expose your CookieAuthenticationOptions. I did this inside my Startup class:

public static readonly CookieAuthenticationOptions cookieAuthenticationOptions = new CookieAuthenticationOptions
    //... your settings here

Then in your Configure(), it becomes:


Then right before calling SignInAsync, you do:

if (HttpContext.Features.Get<IHttpAuthenticationFeature>()?.Handler == null)
    var handler = (AuthenticationHandler<CookieAuthenticationOptions>)Activator.CreateInstance(cookieAuthenticationHandlerType);
    await handler.InitializeAsync(Startup.cookieAuthenticationOptions, HttpContext, logger, UrlEncoder.Default);

    var feature = HttpContext.Features.Get<IHttpAuthenticationFeature>() ?? new HttpAuthenticationFeature();
    feature.Handler = handler;


You also need:

private static readonly Type cookieAuthenticationHandlerType = typeof(CookieAuthenticationMiddleware).Assembly.GetType("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler");

And inject these 2 dependencies in your constructor like:

public LoginController(IHttpContextAccessor httpContextAccessor, ILoggerFactory loggerFactory)
    this.HttpContext = httpContextAccessor.HttpContext;
    this.logger = loggerFactory.CreateLogger(this.GetType());

Ps: I don't know if this is a bug or what... but I hope it gets fixed in the next release.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download