ASP.NET Core IsAuthenticated is always false after successful login

Hi okta support,
I have an ASP.NET Core application which uses OpenId Connect for user authentication. After browser redirect to the OKTA login page and enter correct credentials, the ASP.NET Core User Identity IsAuthenticated is always false.

Does anyone know how to fix this?

Startup.cs

		public void ConfigureServices(IServiceCollection services)
		{
			services.AddAuthentication(options =>
			 {
				 options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
				 options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
			 })
			.AddCookie(setup =>
			{
				setup.Cookie.Name = "MyCookie";
				setup.SlidingExpiration = false;
				setup.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
				setup.Cookie.SameSite = SameSiteMode.None;
			})
			.AddOpenIdConnect(options =>
			{
				options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
				options.Authority = "https://xxxx.okta.com/oauth2/1234567abcdefg";
				options.ClientId = Configuration["Okta: ClientId"];
				options.ClientSecret = Configuration["Okta:ClientSecret"];
				options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
				options.GetClaimsFromUserInfoEndpoint = true;
				options.Scope.Add(OpenIdConnectScope.OpenId);
				options.SaveTokens = true;
				options.Events.OnRedirectToIdentityProvider = context =>
				{
					context.ProtocolMessage.RedirectUri = "https://localhost:9999/dotnetcore";

					return Task.FromResult(0);
				};
			});

			services.AddAuthorization();
			services.AddControllersWithViews();
		}
		public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
		{
			if (env.IsDevelopment())
			{
				app.UseDeveloperExceptionPage();
			}
			else
			{
				app.UseExceptionHandler("/Home/Error");
				// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
				app.UseHsts();
			}

			app.UseHttpsRedirection();
			app.UseStaticFiles();

			app.UseRouting();
			
			app.UseAuthentication();
			app.UseAuthorization();

			app.UseEndpoints(endpoints =>
			{
				endpoints.MapControllerRoute(
					name: "default",
					pattern: "{controller=Home}/{action=Index}/{id?}");
			});
		}

HomeController

		public IActionResult Index()
		{
			// IsAuthenticated always false 
			if (!HttpContext.User.Identity.IsAuthenticated)
			{
				return Challenge(new AuthenticationProperties { RedirectUri = "https://localhost:9999/dotnetcore" },
					OpenIdConnectDefaults.AuthenticationScheme);
				
			}
			return View();
		}

Hi okta support,
Could someone take a look at this issue?