ASP.NET Core change AccessDenied route

Try

 services.AddIdentity<ApplicationUser, IdentityRole>(op=>op.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor"))         .AddEntityFrameworkStores<SponsorContext>()         .AddDefaultTokenProviders();

Or

        services.Configure<IdentityOptions>(opt =>        {            opt.Cookies.ApplicationCookie.LoginPath = new PathString("/aa");            opt.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor");            opt.Cookies.ApplicationCookie.LogoutPath = new PathString("/");        });

For similar problems into an ASP.NET Core 2.x web app, if the authentication is made with Azure AD /OpenID Connect, you can change the route in this way.

services.AddAuthentication(options =>...)            .AddOpenIdConnect(options =>...)            .AddCookie(options =>            {                options.AccessDeniedPath = "/path/unauthorized";                options.LoginPath = "/path/login";            });

In case someone experiences similar problems in ASP.NET Core 2, you could replace services.Configure<CookieAuthenticationOptions>(...) with services.ConfigureApplicationCookie() like this:

Replace this in your Startup.cs:

services.Configure<CookieAuthenticationOptions>(options =>{    options.LoginPath = new PathString("/[your-path]");    options.AccessDeniedPath = new PathString("/[your-path]");    options.LogoutPath = new PathString("/[your-path]");});

with this:

services.ConfigureApplicationCookie(options =>{    options.LoginPath = new PathString("/[your-path]");    options.AccessDeniedPath = new PathString("/[your-path]");    options.LogoutPath = new PathString("/[your-path]");});