Thanks for this. I’ll take a look but work machine has been locked down and dotnet new and many other needed features are not working. Since starting from Net Core 2.1 we used Microsoft Identity to launch Aurelia from Home Page upon successful authentication since protected by [Authorize] attribute without need to have a second set of authentication at the Aurelia level. It is a multi page MVC application with Aurelia SPA running on the Home page where the Identity pages are available using MVC router and Aurelia won’t load if unauthenticated. For good measure added the User Claims are read from the app.ts and if there are none (for example if this [Authorize] is removed), then no Aurelia routes are created