AuthenticationManager.GetExternalLoginInfoAsync() return null


I am having problems linking to Okta using MVC5 and Asp.Net - I can see from the okta log that I successfully authenticate and my browser is redirected back to my site, but when it hits the redirected action and tries to run this line in the ExternalLoginCallback:

Dim loginInfo As ExternalLoginInfo = Await AuthenticationManager.GetExternalLoginInfoAsync()

The logInfo object remains null. Checking the AuthenticationManager I can see that the AuthenticationResponseGrant is also null, so I’m guessing that the login details are being lost along the way somewhere. This isn’t necessarily the case as if I execute Await AuthenticationManager.AuthenticateAsync(“ExternalCookie”) then I get an AuthenticateResult object with the correct claims in it.

My Startup.Auth includes this setup:

    app.UseOktaMvc(New OktaMvcOptions With {
        .ClientId = ConfigurationManager.AppSettings("okta:ClientId"),
        .ClientSecret = ConfigurationManager.AppSettings("okta:ClientSecret"),
        .OktaDomain = ConfigurationManager.AppSettings("okta:OrgUri"),
        .RedirectUri = ConfigurationManager.AppSettings("okta:RedirectUri"),
        .PostLogoutRedirectUri = ConfigurationManager.AppSettings("okta:PostLogoutRedirectUri"),
        .GetClaimsFromUserInfoEndpoint = True,
        .Scope = New List(Of String)({"openid", "profile", "email"})

And the authentication is called from a bespoke Authorize attribute that does this:

Protected Overrides Sub HandleUnauthorizedRequest(filterContext As AuthorizationContext)
filterContext.HttpContext.Response.TrySkipIisCustomErrors = True
filterContext.Result = New ChallengeResult(Okta.AspNet.OktaDefaults.MvcAuthenticationType, String.Format("/Account/ExternalLoginCallback?ReturnUrl=//{0}/signin-okta", filterContext.HttpContext.Request.Url.Authority))
End Sub

I would be grateful for any help in fixing this issue.