The AuthFeature adds a fallback /login.html page if the HtmlRedirect remains the default and it detects there’s no /login.html, or if you were using Razor /login or #Script/login page it would continue to render those instead. But looks like you’re using an SPA route for your login which isn’t detectable from the server that there’s an SPA /login route, anyway it can be disabled with: