Sometimes you write an ASP.NET Core application without using MVC. For example an microservice or an application serving static files.
Anyhow you might want to secure your application using authentication. I was facing the problem, how I could challenge authentication when I’m not using MVC.
The solution is writing a custom middleware that challenges authentication.