Authorize attribute not working on hosted server

i have a .net api hosted on smarter asp , but for some reason the [Authorize] attribute is not working and the endpoint is accessed regardless if the user was authenticated or not and an exception is raised .

  • everything works on localhost this only happens on the hosted server

this is the method i am using :

    [HttpGet("get-profile-information")]
    [Authorize]
    public async Task<IActionResult> GetProfileInformation()
    {
        var userId = User.Identity.Name;

        var GetProfileDataByUserIdAsyncResult = await
            profileManagerService.GetProfileDataByUserIdAsync(userId);

        return GetProfileDataByUserIdAsyncResult.Match<IActionResult, ProfileDataDto>(Ok, BadRequest);
    }

My authentication settings:

serviceCollection.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        }).AddJwtBearer(options =>
        {
            options.TokenValidationParameters = new TokenValidationParameters
            {
                NameClaimType = "id",
                RoleClaimType = "role",
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                ValidIssuer = configuration["JwtConfig:Issuer"],
                ValidAudience = configuration["JwtConfig:Audience"],
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["JwtConfig:Key"]))
            };

            options.Events = new JwtBearerEvents
            {
                OnMessageReceived = context =>
                {
                    context.Token = context.Request.Cookies[configuration["JwtConfig:AccessToken"]];
                    return Task.CompletedTask;
                }
            };
        }).AddGoogle(options =>
        {
            options.ClientId = configuration["Authentication:Google:ClientId"];
            options.ClientSecret = configuration["Authentication:Google:ClientSecret"];
            options.CallbackPath = "/signin-google";
            options.SaveTokens = false;
        }).AddFacebook(options =>
        {
            options.ClientId = configuration["Authentication:Facebook:AppId"];
            options.ClientSecret = configuration["Authentication:Facebook:AppSecret"];
            options.CallbackPath = "/signin-facebook";
            options.SaveTokens = false;
        });

not sure what is going on