That is super interesting. aspnetcore saves a local cookie right before it redirects to Okta (this is built into aspnetcore, not an Okta thing) to save state and prevent CSRF on the redirect. Without the right cookie policy, it was probably being blocked somewhere.
Glad you got it working!
FYI, there isn’t anything special about the default AS - other than being a shortcut to having to create all the access policies from scratch. If you create one yourself, you can just define those policies and it works the same way.