Program.cs

.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
    options.Authority = builder.Configuration["Authentication:OpenId:Authority"];
    options.ClientId = builder.Configuration["Authentication:OpenId:ClientId"];
    options.ClientSecret = builder.Configuration["Authentication:OpenId:ClientSecret"];
    options.ResponseType = "code";
    options.SaveTokens = true;
    options.RequireHttpsMetadata = bool.Parse(builder.Configuration["Authentication:OpenId:Metadata"]);
    if (options.RequireHttpsMetadata)
    {
        options.MetadataAddress = builder.Configuration["Authentication:OpenId:MetaAddress"];
    }
    options.Scope.Add("openid");
    options.CallbackPath = "/login-callback";
    options.SignedOutCallbackPath = "/logout-callback";
    options.TokenValidationParameters = new TokenValidationParameters
    {
        NameClaimType = "preferred_username",
        RoleClaimType = "roles"
    };

})