Authenticate to Razor Page using CookieAuthentication Scheme
I have added secured Razor pages to my API service. The API endpoints are secured with the JwtBearer scheme; the Razor pages use the CookieAuthentication scheme.
Working with .NET Core 3.1
The services are configured like this:
```csharp
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
    {
        options.Cookie.Name = "MyRazorPagesCookie";
        options.ExpireTimeSpan = TimeSpan.FromMinutes(20);
        options.SlidingExpiration = true;
        options.LoginPath = new PathString("/index");
    })
    .AddScheme<JwtBearerOptions, JwtBearerAuthenticationHandler>(JwtBearerDefaults.AuthenticationScheme, _ => { });
```
The login action looks like this:
```csharp
// add claims
claims.Add(new Claim(ClaimTypes.Role, role));
claims.Add(new Claim(ClaimTypes.Name, name));
claims.Add(new Claim(ClaimTypes.UserData, data));

// build the identity
ClaimsIdentity identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

// sign in
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity));
```
Everything seems to be working. The cookie is created and I can see it in the browser. The anti-forgery one is also there. It works perfectly in my sandbox, even when I deploy it to my local IIS.
When deployed to our production server, the cookies are also created, but `HttpContext.User.Identity.IsAuthenticated` is always false.
I've spent hours googling and reading documentation, and I've also compared the settings of the servers, but I still do not see it.
There is definitely something I do not know or do not fully understand. Ideas appreciated.
I can see this in the logs.
"Cookies" was not authenticated. Failure message: "Unprotect ticket failed"
Can anybody explain what that means?
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
