From 315994b475791f0c240612d013290d8ec01356c2 Mon Sep 17 00:00:00 2001 
From: Luke Latham <1622880+guardrex@users.noreply.github.com> Date: Wed, 25 Mar 2026 14:25:11 -0400 Subject: [PATCH] Move and overhaul the RP authz conventions article (#36919) --- .openpublishing.redirection.json | 5 + aspnetcore/blazor/security/index.md | 2 +- aspnetcore/razor-pages/index.md | 4 +- .../razor-pages/index/includes/index35.md | 4 +- .../razor-pages/razor-pages-conventions.md | 6 +- .../security/authorization/conventions.md | 183 ++++++++++++++ .../security/authorization/introduction.md | 1 + aspnetcore/security/authorization/policies.md | 2 +- .../policies/includes/policies5.md | 2 +- .../razor-pages-authorization.md | 235 ------------------ .../AuthorizationSample.csproj | 12 - .../Controllers/AccountController.cs | 21 -- .../Data/ApplicationUser.cs | 8 - .../Extensions/UrlHelperExtensions.cs | 20 -- .../Pages/Account/Login.cshtml | 27 -- .../Pages/Account/Login.cshtml.cs | 104 -------- .../Pages/Account/SignedOut.cshtml | 10 - .../Pages/Account/SignedOut.cshtml.cs | 20 -- .../Pages/Account/_ViewImports.cshtml | 1 - .../AuthorizationSample/Pages/Contact.cshtml | 27 -- .../Pages/Contact.cshtml.cs | 19 -- .../AuthorizationSample/Pages/Error.cshtml | 26 -- .../AuthorizationSample/Pages/Error.cshtml.cs | 23 -- .../AuthorizationSample/Pages/Index.cshtml | 13 - .../AuthorizationSample/Pages/Index.cshtml.cs | 17 -- .../Pages/Private/PrivatePage1.cshtml | 16 -- .../Pages/Private/PrivatePage1.cshtml.cs | 19 -- .../Pages/Private/PrivatePage2.cshtml | 16 -- .../Pages/Private/PrivatePage2.cshtml.cs | 19 -- .../Pages/Private/PublicPage.cshtml | 16 -- .../Pages/Private/PublicPage.cshtml.cs | 19 -- .../Private/PublicPages/PublicPage.cshtml | 16 -- .../Private/PublicPages/PublicPage.cshtml.cs | 19 -- .../Private/PublicPages/_ViewImports.cshtml | 1 - .../Pages/Private/_ViewImports.cshtml | 1 - .../Pages/Shared/_Layout.cshtml | 32 --- .../Pages/_LoginPartial.cshtml | 16 -- .../Pages/_ViewImports.cshtml | 4 - .../Pages/_ViewStart.cshtml | 3 - 
.../2.x/AuthorizationSample/Program.cs | 17 -- .../samples/2.x/AuthorizationSample/README.md | 16 -- .../2.x/AuthorizationSample/Startup.cs | 51 ---- .../appsettings.Development.json | 9 - .../2.x/AuthorizationSample/appsettings.json | 8 - .../AuthorizationSample.csproj | 7 - .../Controllers/AccountController.cs | 21 -- .../Data/ApplicationUser.cs | 8 - .../Extensions/UrlHelperExtensions.cs | 20 -- .../Pages/Account/Login.cshtml | 27 -- .../Pages/Account/Login.cshtml.cs | 104 -------- .../Pages/Account/SignedOut.cshtml | 10 - .../Pages/Account/SignedOut.cshtml.cs | 20 -- .../Pages/Account/_ViewImports.cshtml | 1 - .../AuthorizationSample/Pages/Contact.cshtml | 27 -- .../Pages/Contact.cshtml.cs | 19 -- .../AuthorizationSample/Pages/Error.cshtml | 26 -- .../AuthorizationSample/Pages/Error.cshtml.cs | 23 -- .../AuthorizationSample/Pages/Index.cshtml | 13 - .../AuthorizationSample/Pages/Index.cshtml.cs | 17 -- .../Pages/Private/PrivatePage1.cshtml | 16 -- .../Pages/Private/PrivatePage1.cshtml.cs | 19 -- .../Pages/Private/PrivatePage2.cshtml | 16 -- .../Pages/Private/PrivatePage2.cshtml.cs | 19 -- .../Pages/Private/PublicPage.cshtml | 16 -- .../Pages/Private/PublicPage.cshtml.cs | 19 -- .../Private/PublicPages/PublicPage.cshtml | 16 -- .../Private/PublicPages/PublicPage.cshtml.cs | 19 -- .../Private/PublicPages/_ViewImports.cshtml | 1 - .../Pages/Private/_ViewImports.cshtml | 1 - .../Pages/Shared/_Layout.cshtml | 32 --- .../Pages/_LoginPartial.cshtml | 16 -- .../Pages/_ViewImports.cshtml | 4 - .../Pages/_ViewStart.cshtml | 3 - .../3.x/AuthorizationSample/Program.cs | 26 -- .../samples/3.x/AuthorizationSample/README.md | 16 -- .../3.x/AuthorizationSample/Startup.cs | 55 ---- .../appsettings.Development.json | 9 - .../3.x/AuthorizationSample/appsettings.json | 8 - aspnetcore/test/integration-tests.md | 2 +- .../includes/integration-tests5.md | 2 +- .../includes/integration-tests7.md | 2 +- .../includes/integration-tests8.md | 2 +- .../includes/integration-tests9.md | 2 +- 
aspnetcore/toc.yml | 4 +- 84 files changed, 206 insertions(+), 1552 deletions(-) create mode 100644 aspnetcore/razor-pages/security/authorization/conventions.md delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization.md delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/AuthorizationSample.csproj delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Controllers/AccountController.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Data/ApplicationUser.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml delete mode 100644 
aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml delete mode 100644 
aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Shared/_Layout.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_LoginPartial.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewImports.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewStart.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Program.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/README.md delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.Development.json delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.json delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/AuthorizationSample.csproj delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Controllers/AccountController.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Data/ApplicationUser.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml delete mode 100644 
aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs delete mode 100644 
aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Shared/_Layout.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_LoginPartial.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewImports.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewStart.cshtml delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Program.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/README.md delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs delete mode 100644 aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.Development.json delete mode 100644 
aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.json diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 2a7a0b3f09c3..2bf9e708f555 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -1678,6 +1678,11 @@ "source_path": "aspnetcore/security/authorization/iard.md", "redirect_url": "/aspnet/core/security/authorization/custom-authorization-policies-with-iauthorizationrequirementdata", "redirect_document_id": false + }, + { + "source_path": "aspnetcore/security/authorization/razor-pages-authorization.md", + "redirect_url": "/aspnet/core/razor-pages/security/authorization/conventions", + "redirect_document_id": false } ] } diff --git a/aspnetcore/blazor/security/index.md b/aspnetcore/blazor/security/index.md index d5a909fddc9f..fc654cbb51d6 100644 --- a/aspnetcore/blazor/security/index.md +++ b/aspnetcore/blazor/security/index.md @@ -30,7 +30,7 @@ If authorization rule enforcement and the security of data and code must be guar :::moniker-end -[Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization) don't apply to routable Razor components. If a non-routable Razor component is [embedded in a page of a Razor Pages app](xref:blazor/components/integration), the page's authorization conventions indirectly affect the Razor component along with the rest of the page's content. +[Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions) don't apply to routable Razor components. If a non-routable Razor component is [embedded in a page of a Razor Pages app](xref:blazor/components/integration), the page's authorization conventions indirectly affect the Razor component along with the rest of the page's content. :::moniker range="< aspnetcore-8.0" diff --git a/aspnetcore/razor-pages/index.md b/aspnetcore/razor-pages/index.md index ca89c726ae77..206d8f784304 100644 
--- a/aspnetcore/razor-pages/index.md +++ b/aspnetcore/razor-pages/index.md @@ -579,7 +579,7 @@ The configuration and settings in following sections is not required by most app To configure advanced options, use the overload that configures : [!code-csharp[](~/razor-pages/index/6.0sample/RazorPagesContacts/Program.cs?name=snippet_ac&highlight=5-9)] -Use the to set the root directory for pages, or add application model conventions for pages. For more information on conventions, see [Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization). +Use the to set the root directory for pages, or add application model conventions for pages. For more information on conventions, see [Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions). To precompile views, see [Razor view compilation](xref:mvc/views/view-compilation). @@ -604,7 +604,7 @@ Add * * -* +* * * * diff --git a/aspnetcore/razor-pages/index/includes/index35.md b/aspnetcore/razor-pages/index/includes/index35.md index 0f912e718b4c..1bd85b6af4d9 100644 --- a/aspnetcore/razor-pages/index/includes/index35.md +++ b/aspnetcore/razor-pages/index/includes/index35.md @@ -571,7 +571,7 @@ To configure advanced options, use the to set the root directory for pages, or add application model conventions for pages. For more information on conventions, see [Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization). +Use the to set the root directory for pages, or add application model conventions for pages. For more information on conventions, see [Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions). To precompile views, see [Razor view compilation](xref:mvc/views/view-compilation). @@ -596,7 +596,7 @@ Add * * -* +* * * * diff --git a/aspnetcore/razor-pages/razor-pages-conventions.md b/aspnetcore/razor-pages/razor-pages-conventions.md index be9d07505c27..ac428f6ce2f2 100644 
--- a/aspnetcore/razor-pages/razor-pages-conventions.md +++ b/aspnetcore/razor-pages/razor-pages-conventions.md @@ -288,7 +288,7 @@ The Page filter () is a filte ## Additional resources * [Razor Pages Routing](https://www.learnrazorpages.com/razor-pages/routing) -* +* * :::moniker-end @@ -569,7 +569,7 @@ The Page filter () is a filte ## Additional resources -* +* * :::moniker-end @@ -825,7 +825,7 @@ The Page filter () is a filte ## Additional resources -* +* * :::moniker-end diff --git a/aspnetcore/razor-pages/security/authorization/conventions.md b/aspnetcore/razor-pages/security/authorization/conventions.md new file mode 100644 index 000000000000..2d3059b6e257 --- /dev/null +++ b/aspnetcore/razor-pages/security/authorization/conventions.md 
@@ -0,0 +1,183 @@
+---
+title: Razor Pages authorization conventions in ASP.NET Core
+author: wadepickett
+description: Learn how to control access to pages with conventions that authorize users and allow anonymous users to access pages or folders of pages.
+monikerRange: '>= aspnetcore-2.1'
+ms.author: wpickett
+ms.custom: mvc
+ms.date: 03/25/2026
+uid: razor-pages/security/authorization/conventions
+---
+# Razor Pages authorization conventions in ASP.NET Core
+
+One way to control access in a Razor Pages app is to use authorization conventions at startup. These conventions allow the app to authorize users and allow anonymous users to access individual pages or folders of pages. The conventions described in this article automatically apply [authorization filters](xref:mvc/controllers/filters#authorization-filters) to control access.
+
+[View or download sample code](https://github.com/dotnet/AspNetCore.Docs.Samples/tree/main/security/authorization/RazorPagesAuthorization) ([how to download](xref:fundamentals/index#how-to-download-a-sample))
+
+The sample app uses [cookie authentication without ASP.NET Core Identity](xref:security/authentication/cookie). To use ASP.NET Core Identity, follow the guidance in .
+
+## Require authorization to access a page
+
+Use the convention to add an to the page at the specified path:
+
+:::moniker range=">= aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/10.x/AuthorizationSample/Program.cs" id="snippet1" highlight="3":::
+
+:::moniker-end
+
+:::moniker range=">= aspnetcore-3.0 < aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/3.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="3":::
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-3.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/2.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="2,4":::
+
+:::moniker-end
+
+The specified path is the View Engine path, which is the Razor Pages root relative path without an extension and containing only forward slashes.
+
+To specify an [authorization policy](xref:security/authorization/policies), use an [`AuthorizePage` overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizePage%2A):
+
+```csharp
+options.Conventions.AuthorizePage("/Contact", "AtLeast21");
+```
+
+> [!NOTE]
+> An can be applied to a page model class with the `[Authorize]` filter attribute. For more information, see .
+
+## Require authorization to access a folder of pages
+
+Use the convention to add an to all of the pages in a folder at the specified path:
+
+:::moniker range=">= aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/10.x/AuthorizationSample/Program.cs" id="snippet1" highlight="4":::
+
+:::moniker-end
+
+:::moniker range=">= aspnetcore-3.0 < aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/3.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="4":::
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-3.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/2.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="2,5":::
+
+:::moniker-end
+
+The specified path is the View Engine path, which is the Razor Pages root relative path containing only forward slashes.
+
+To specify an [authorization policy](xref:security/authorization/policies), use an [`AuthorizeFolder` overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeFolder%2A):
+
+```csharp
+options.Conventions.AuthorizeFolder("/Private", "AtLeast21");
+```
+
+## Require authorization to access an area page
+
+Use the convention to add an to the area page at the specified path:
+
+```csharp
+options.Conventions.AuthorizeAreaPage("Identity", "/Manage/Accounts");
+```
+
+The page name is the path of the file without an extension relative to the pages root directory for the specified area. For example, the page name for the file `Areas/Identity/Pages/Manage/Accounts.cshtml` is `/Manage/Accounts`.
+
+To specify an [authorization policy](xref:security/authorization/policies), use an [`AuthorizeAreaPage` overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeAreaPage%2A):
+
+```csharp
+options.Conventions.AuthorizeAreaPage("Identity", "/Manage/Accounts", "AtLeast21");
+```
+
+## Require authorization to access a folder of areas
+
+Use the convention to add an to all of the areas in a folder at the specified path:
+
+```csharp
+options.Conventions.AuthorizeAreaFolder("Identity", "/Manage");
+```
+
+The folder path is the path of the folder relative to the pages root directory for the specified area. For example, the folder path for the files under `Areas/Identity/Pages/Manage/` is `/Manage`.
+
+To specify an [authorization policy](xref:security/authorization/policies), use an [`AuthorizeAreaFolder` overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeAreaFolder%2A):
+
+```csharp
+options.Conventions.AuthorizeAreaFolder("Identity", "/Manage", "AtLeast21");
+```
+
+## Allow anonymous access to a page
+
+Use the convention to add an to a page at the specified path:
+
+:::moniker range=">= aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/10.x/AuthorizationSample/Program.cs" id="snippet1" highlight="5":::
+
+:::moniker-end
+
+:::moniker range=">= aspnetcore-3.0 < aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/3.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="5":::
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-3.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/2.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="2,6":::
+
+:::moniker-end
+
+The specified path is the View Engine path, which is the Razor Pages root relative path without an extension and containing only forward slashes.
+
+## Allow anonymous access to a folder of pages
+
+Use the convention to add an to all of the pages in a folder at the specified path:
+
+:::moniker range=">= aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/10.x/AuthorizationSample/Program.cs" id="snippet1" highlight="6":::
+
+:::moniker-end
+
+:::moniker range=">= aspnetcore-3.0 < aspnetcore-10.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/3.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="6":::
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-3.0"
+
+:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/RazorPagesAuthorization/2.x/AuthorizationSample/Startup.cs" id="snippet1" highlight="2,7":::
+
+:::moniker-end
+
+The specified path is the View Engine path, which is the Razor Pages root relative path without an extension and containing only forward slashes.
+
+## Note on combining authorized and anonymous access
+
+The app can specify that a folder of pages requires authorization and that a page within that folder allows anonymous access:
+
+```csharp
+// This works.
+.AuthorizeFolder("/Private").AllowAnonymousToPage("/Private/Public")
+```
+
+The reverse, however, isn't valid. The app can't declare a folder of pages for anonymous access and specify a page within that folder that requires authorization:
+
+```csharp
+// This doesn't work!
+.AllowAnonymousToFolder("/Public").AuthorizePage("/Public/Private")
+```
+
+Requiring authorization on the Private page fails. When both the and are applied to the page, the takes precedence and controls access.
+
+## Additional resources
+
+*
+*
diff --git a/aspnetcore/security/authorization/introduction.md b/aspnetcore/security/authorization/introduction.md
index 9b03d680eced..d29f0dc6bd2a 100644
--- a/aspnetcore/security/authorization/introduction.md +++ b/aspnetcore/security/authorization/introduction.md @@ -30,3 +30,4 @@ Consult the documentation on [simple authorization](xref:security/authorization/ * * +* diff --git a/aspnetcore/security/authorization/policies.md b/aspnetcore/security/authorization/policies.md index 68c98e3b86e8..fec7b941faa1 100644 --- a/aspnetcore/security/authorization/policies.md +++ b/aspnetcore/security/authorization/policies.md @@ -118,7 +118,7 @@ Apply policies to Razor Pages by using the `[Authorize]` attribute with the poli Policies can ***not*** be applied at the Razor Page handler level, they must be applied to the Page. -Policies can also be applied to Razor Pages by using an [authorization convention](xref:security/authorization/razor-pages-authorization). +Policies can also be applied to Razor Pages by using an [authorization convention](xref:razor-pages/security/authorization/conventions). ## Apply policies to endpoints diff --git a/aspnetcore/security/authorization/policies/includes/policies5.md b/aspnetcore/security/authorization/policies/includes/policies5.md index 1c23a94f0c3d..54de0ec696f2 100644 --- a/aspnetcore/security/authorization/policies/includes/policies5.md +++ b/aspnetcore/security/authorization/policies/includes/policies5.md @@ -108,7 +108,7 @@ Policies are applied to Razor Pages by using the `[Authorize]` attribute with th Policies can ***not*** be applied at the Razor Page handler level, they must be applied to the Page. -Policies can be applied to Razor Pages by using an [authorization convention](xref:security/authorization/razor-pages-authorization). +Policies can be applied to Razor Pages by using an [authorization convention](xref:razor-pages/security/authorization/conventions). diff --git a/aspnetcore/security/authorization/razor-pages-authorization.md b/aspnetcore/security/authorization/razor-pages-authorization.md deleted file mode 100644 index edd9f1b86a6a..000000000000 
--- a/aspnetcore/security/authorization/razor-pages-authorization.md
+++ /dev/null
@@ -1,235 +0,0 @@
----
-title: Razor Pages authorization conventions in ASP.NET Core
-author: wadepickett
-description: Learn how to control access to pages with conventions that authorize users and allow anonymous users to access pages or folders of pages.
-monikerRange: '>= aspnetcore-2.1'
-ms.author: wpickett
-ms.custom: mvc
-ms.date: 08/12/2019
-uid: security/authorization/razor-pages-authorization
----
-# Razor Pages authorization conventions in ASP.NET Core
-
-:::moniker range=">= aspnetcore-3.0"
-
-One way to control access in your Razor Pages app is to use authorization conventions at startup. These conventions allow you to authorize users and allow anonymous users to access individual pages or folders of pages. The conventions described in this topic automatically apply [authorization filters](xref:mvc/controllers/filters#authorization-filters) to control access.
-
-[View or download sample code](https://github.com/dotnet/AspNetCore.Docs/tree/main/aspnetcore/security/authorization/razor-pages-authorization/samples) ([how to download](xref:fundamentals/index#how-to-download-a-sample))
-
-The sample app uses [cookie authentication without ASP.NET Core Identity](xref:security/authentication/cookie). The concepts and examples shown in this topic apply equally to apps that use ASP.NET Core Identity. To use ASP.NET Core Identity, follow the guidance in .
-
-## Require authorization to access a page
-
-Use the convention to add an to the page at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=3)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path without an extension and containing only forward slashes.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizePage overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizePage*):
-
-```csharp
-options.Conventions.AuthorizePage("/Contact", "AtLeast21");
-```
-
-> [!NOTE]
-> An can be applied to a page model class with the `[Authorize]` filter attribute. For more information, see [Authorize filter attribute](xref:razor-pages/filter#authorize-filter-attribute).
-
-## Require authorization to access a folder of pages
-
-Use the convention to add an to all of the pages in a folder at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=4)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizeFolder overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeFolder*):
-
-```csharp
-options.Conventions.AuthorizeFolder("/Private", "AtLeast21");
-```
-
-## Require authorization to access an area page
-
-Use the convention to add an to the area page at the specified path:
-
-```csharp
-options.Conventions.AuthorizeAreaPage("Identity", "/Manage/Accounts");
-```
-
-The page name is the path of the file without an extension relative to the pages root directory for the specified area. For example, the page name for the file `Areas/Identity/Pages/Manage/Accounts.cshtml` is */Manage/Accounts*.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizeAreaPage overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeAreaPage*):
-
-```csharp
-options.Conventions.AuthorizeAreaPage("Identity", "/Manage/Accounts", "AtLeast21");
-```
-
-## Require authorization to access a folder of areas
-
-Use the convention to add an to all of the areas in a folder at the specified path:
-
-```csharp
-options.Conventions.AuthorizeAreaFolder("Identity", "/Manage");
-```
-
-The folder path is the path of the folder relative to the pages root directory for the specified area. For example, the folder path for the files under *Areas/Identity/Pages/Manage/* is */Manage*.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizeAreaFolder overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeAreaFolder*):
-
-```csharp
-options.Conventions.AuthorizeAreaFolder("Identity", "/Manage", "AtLeast21");
-```
-
-## Allow anonymous access to a page
-
-Use the convention to add an to a page at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=5)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path without an extension and containing only forward slashes.
-
-## Allow anonymous access to a folder of pages
-
-Use the convention to add an to all of the pages in a folder at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=6)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path.
-
-## Note on combining authorized and anonymous access
-
-It's valid to specify that a folder of pages requires authorization and then specify that a page within that folder allows anonymous access:
-
-```csharp
-// This works.
-.AuthorizeFolder("/Private").AllowAnonymousToPage("/Private/Public")
-```
-
-The reverse, however, isn't valid. You can't declare a folder of pages for anonymous access and then specify a page within that folder that requires authorization:
-
-```csharp
-// This doesn't work!
-.AllowAnonymousToFolder("/Public").AuthorizePage("/Public/Private")
-```
-
-Requiring authorization on the Private page fails. When both the and are applied to the page, the takes precedence and controls access.
-
-## Additional resources
-
-*
-*
-
-:::moniker-end
-
-:::moniker range="< aspnetcore-3.0"
-
-One way to control access in your Razor Pages app is to use authorization conventions at startup. These conventions allow you to authorize users and allow anonymous users to access individual pages or folders of pages. The conventions described in this topic automatically apply [authorization filters](xref:mvc/controllers/filters#authorization-filters) to control access.
-
-[View or download sample code](https://github.com/dotnet/AspNetCore.Docs/tree/main/aspnetcore/security/authorization/razor-pages-authorization/samples) ([how to download](xref:fundamentals/index#how-to-download-a-sample))
-
-The sample app uses [cookie authentication without ASP.NET Core Identity](xref:security/authentication/cookie). The concepts and examples shown in this topic apply equally to apps that use ASP.NET Core Identity. To use ASP.NET Core Identity, follow the guidance in .
-
-## Require authorization to access a page
-
-Use the convention via to add an to the page at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=2,4)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path without an extension and containing only forward slashes.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizePage overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizePage*):
-
-```csharp
-options.Conventions.AuthorizePage("/Contact", "AtLeast21");
-```
-
-> [!NOTE]
-> An can be applied to a page model class with the `[Authorize]` filter attribute. For more information, see [Authorize filter attribute](xref:razor-pages/filter#authorize-filter-attribute).
-
-## Require authorization to access a folder of pages
-
-Use the convention via to add an to all of the pages in a folder at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=2,5)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizeFolder overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeFolder*):
-
-```csharp
-options.Conventions.AuthorizeFolder("/Private", "AtLeast21");
-```
-
-## Require authorization to access an area page
-
-Use the convention via to add an to the area page at the specified path:
-
-```csharp
-options.Conventions.AuthorizeAreaPage("Identity", "/Manage/Accounts");
-```
-
-The page name is the path of the file without an extension relative to the pages root directory for the specified area. For example, the page name for the file `Areas/Identity/Pages/Manage/Accounts.cshtml` is */Manage/Accounts*.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizeAreaPage overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeAreaPage*):
-
-```csharp
-options.Conventions.AuthorizeAreaPage("Identity", "/Manage/Accounts", "AtLeast21");
-```
-
-## Require authorization to access a folder of areas
-
-Use the convention via to add an to all of the areas in a folder at the specified path:
-
-```csharp
-options.Conventions.AuthorizeAreaFolder("Identity", "/Manage");
-```
-
-The folder path is the path of the folder relative to the pages root directory for the specified area. For example, the folder path for the files under *Areas/Identity/Pages/Manage/* is */Manage*.
-
-To specify an [authorization policy](xref:security/authorization/policies), use an [AuthorizeAreaFolder overload](xref:Microsoft.Extensions.DependencyInjection.PageConventionCollectionExtensions.AuthorizeAreaFolder*):
-
-```csharp
-options.Conventions.AuthorizeAreaFolder("Identity", "/Manage", "AtLeast21");
-```
-
-## Allow anonymous access to a page
-
-Use the convention via to add an to a page at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=2,6)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path without an extension and containing only forward slashes.
-
-## Allow anonymous access to a folder of pages
-
-Use the convention via to add an to all of the pages in a folder at the specified path:
-
-[!code-csharp[](razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs?name=snippet1&highlight=2,7)]
-
-The specified path is the View Engine path, which is the Razor Pages root relative path.
-
-## Note on combining authorized and anonymous access
-
-It's valid to specify that a folder of pages that require authorization and than specify that a page within that folder allows anonymous access:
-
-```csharp
-// This works.
-.AuthorizeFolder("/Private").AllowAnonymousToPage("/Private/Public")
-```
-
-The reverse, however, isn't valid. You can't declare a folder of pages for anonymous access and then specify a page within that folder that requires authorization:
-
-```csharp
-// This doesn't work!
-.AllowAnonymousToFolder("/Public").AuthorizePage("/Public/Private")
-```
-
-Requiring authorization on the Private page fails. When both the and are applied to the page, the takes precedence and controls access.
-
-## Additional resources
-
-*
-*
-
-:::moniker-end
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/AuthorizationSample.csproj b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/AuthorizationSample.csproj
deleted file mode 100644
index d1202da20b2b..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/AuthorizationSample.csproj
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
- netcoreapp2.2
- InProcess
-
-
-
-
-
-
-
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Controllers/AccountController.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Controllers/AccountController.cs
deleted file mode 100644
index 9233487b0205..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Controllers/AccountController.cs
+++ /dev/null
@@ -1,21 +0,0 @@
-using System;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Logging;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
-
-namespace AuthorizationSample.Controllers
-{
- [Route("[controller]/[action]")]
- public class AccountController : Controller
- {
- [HttpPost]
- public async Task Logout()
- {
- await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-
- return RedirectToPage("/Account/SignedOut");
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Data/ApplicationUser.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Data/ApplicationUser.cs
deleted file mode 100644
index 9757f76925c6..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Data/ApplicationUser.cs
+++ /dev/null
@@ -1,8 +0,0 @@
-namespace AuthorizationSample.Data
-{
- public class ApplicationUser
- {
- public string Email { get; set; }
- public string FullName { get; set; }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs
deleted file mode 100644
index 8dbd19c6d082..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs
+++ /dev/null
@@ -1,20 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; - -namespace Microsoft.AspNetCore.Mvc -{ - public static class UrlHelperExtensions - { - public static string GetLocalUrl(this IUrlHelper urlHelper, string localUrl) - { - if (!urlHelper.IsLocalUrl(localUrl)) - { - return urlHelper.Page("/Index"); - } - - return localUrl; - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml deleted file mode 100644 index 0b7b901a98d2..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml +++ /dev/null @@ -1,27 +0,0 @@ -@page -@model LoginModel -@{ - ViewData["Title"] = "Log in"; -} - -

@ViewData["Title"]

-
-
-

Use a local account to log in.

-
-
-
- - - -
-
- - - -
-
- -
-
-
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml.cs deleted file mode 100644 index f8e1223429c7..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/Login.cshtml.cs +++ /dev/null 
@@ -1,104 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.ComponentModel.DataAnnotations;
-using System.Security.Claims;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-using AuthorizationSample.Data;
-
-namespace AuthorizationSample.Pages.Account
-{
- public class LoginModel : PageModel
- {
- [BindProperty]
- public InputModel Input { get; set; }
-
- public string ReturnUrl { get; private set; }
-
- [TempData]
- public string ErrorMessage { get; set; }
-
- public class InputModel
- {
- [Required]
- [EmailAddress]
- public string Email { get; set; }
-
- [Required]
- [DataType(DataType.Password)]
- public string Password { get; set; }
- }
-
- public async Task OnGetAsync(string returnUrl = null)
- {
- if (!string.IsNullOrEmpty(ErrorMessage))
- {
- ModelState.AddModelError(string.Empty, ErrorMessage);
- }
-
- // Clear the existing external cookie
- await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-
- ReturnUrl = returnUrl;
- }
-
- public async Task OnPostAsync(string returnUrl = null)
- {
- ReturnUrl = returnUrl;
-
- if (ModelState.IsValid)
- {
- var user = await AuthenticateUser(Input.Email, Input.Password);
-
- if (user == null)
- {
- ModelState.AddModelError(string.Empty, "Invalid login attempt.");
- return Page();
- }
-
- var claims = new List
- {
- new Claim(ClaimTypes.Name, user.Email),
- new Claim("FullName", user.FullName)
- };
-
- var claimsIdentity = new ClaimsIdentity(
- claims, CookieAuthenticationDefaults.AuthenticationScheme);
-
- await HttpContext.SignInAsync(
- CookieAuthenticationDefaults.AuthenticationScheme,
- new ClaimsPrincipal(claimsIdentity));
-
- return LocalRedirect(Url.GetLocalUrl(returnUrl));
- }
-
- // Something failed. Redisplay the form.
- return Page(); - } - - private async Task AuthenticateUser(string email, string password) - { - // For demonstration purposes, authenticate a user - // with a static email address. Ignore the password. - // Assume that checking the database takes 500ms - - await Task.Delay(500); - - if (string.Equals(email, "maria.rodriguez@contoso.com", StringComparison.OrdinalIgnoreCase)) - { - return new ApplicationUser() - { - Email = "maria.rodriguez@contoso.com", - FullName = "Maria Rodriguez" - }; - } - else - { - return null; - } - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml deleted file mode 100644 index e18ba199c769..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml +++ /dev/null @@ -1,10 +0,0 @@ -@page -@model SignedOutModel -@{ - ViewData["Title"] = "Signed out"; -} - -

@ViewData["Title"]

-

- You have successfully signed out. -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs deleted file mode 100644 index 3c580ce57994..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs +++ /dev/null @@ -1,20 +0,0 @@ -using System.Threading.Tasks; -using Microsoft.AspNetCore.Mvc; -using Microsoft.AspNetCore.Mvc.RazorPages; - -namespace AuthorizationSample.Pages.Account -{ - public class SignedOutModel : PageModel - { - public IActionResult OnGet() - { - if (User.Identity.IsAuthenticated) - { - // Redirect to home page if the user is authenticated. - return RedirectToPage("/Index"); - } - - return Page(); - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml deleted file mode 100644 index d4f38aecaf23..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml +++ /dev/null @@ -1 +0,0 @@ -@using AuthorizationSample.Pages.Account diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml deleted file mode 100644 index 6085eaf62dc2..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml +++ /dev/null @@ -1,27 +0,0 @@ -@page -@model ContactModel -@{ - ViewData["Title"] = "Contact"; -} - -

@ViewData["Title"]

-

@Model.Message

- -

- This page requires authorization by convention: - - options.Conventions.AuthorizePage("/Contact"); - -

- -
- One Microsoft Way
- Redmond, WA 98052-6399
- P: - 425.555.0100 -
- -
- Support: Support@example.com
- Marketing: Marketing@example.com -
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml.cs deleted file mode 100644 index 2cd410df8c03..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Contact.cshtml.cs +++ /dev/null @@ -1,19 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Mvc.RazorPages; - -namespace AuthorizationSample.Pages -{ - public class ContactModel : PageModel - { - public string Message { get; private set; } - - public void OnGet() - { - Message = "Your contact page."; - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml deleted file mode 100644 index 693d5fde8b45..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml +++ /dev/null @@ -1,26 +0,0 @@ -@page -@model ErrorModel -@{ - ViewData["Title"] = "Error"; -} - -

Error.

-

An error occurred while processing your request.

- -@if (Model.ShowRequestId) -{ -

- Request ID: @Model.RequestId -

-} - -

Development Mode

-

- Swapping to the Development environment displays detailed information about the error that occurred. -

-

- The Development environment shouldn't be enabled for deployed applications. - It can result in displaying sensitive information from exceptions to end users. - For local debugging, enable the Development environment by setting the ASPNETCORE_ENVIRONMENT environment variable to Development - and restarting the app. -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml.cs deleted file mode 100644 index cb1f50cb4fb6..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Error.cshtml.cs +++ /dev/null @@ -1,23 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Diagnostics; -using System.Linq; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Mvc; -using Microsoft.AspNetCore.Mvc.RazorPages; - -namespace AuthorizationSample.Pages -{ - [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)] - public class ErrorModel : PageModel - { - public string RequestId { get; set; } - - public bool ShowRequestId => !string.IsNullOrEmpty(RequestId); - - public void OnGet() - { - RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier; - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml deleted file mode 100644 index e2ab8a97fb67..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml +++ /dev/null @@ -1,13 +0,0 @@ -@page -@model IndexModel -@{ - ViewData["Title"] = "Authorization Sample"; -} - -@if (User.Identity.IsAuthenticated) -{ -
-
Hello @User.Claims.FirstOrDefault(c => c.Type == "FullName")?.Value!
-

Username: @User.Identity.Name

-
-} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml.cs deleted file mode 100644 index b6c8e433f8a5..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Index.cshtml.cs +++ /dev/null @@ -1,17 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Mvc; -using Microsoft.AspNetCore.Mvc.RazorPages; - -namespace AuthorizationSample.Pages -{ - public class IndexModel : PageModel - { - public void OnGet() - { - - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml deleted file mode 100644 index 895c3aa3bc25..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml +++ /dev/null @@ -1,16 +0,0 @@ -@page -@namespace AuthorizationSample.Pages.Private -@model PrivatePage1Model -@{ - ViewData["Title"] = "Private Folder: Private Page 1"; -} - -

@ViewData["Title"]

-

@Model.Message

- -

- This page requires authorization by convention: - - options.Conventions.AuthorizeFolder("/Private"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs deleted file mode 100644 index a98fb3a5645d..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs +++ /dev/null @@ -1,19 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Mvc.RazorPages; - -namespace AuthorizationSample.Pages.Private -{ - public class PrivatePage1Model : PageModel - { - public string Message { get; private set; } - - public void OnGet() - { - Message = "A private page inside the Private folder."; - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml deleted file mode 100644 index 2499faedb113..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml +++ /dev/null @@ -1,16 +0,0 @@ -@page -@namespace AuthorizationSample.Pages.Private -@model PrivatePage2Model -@{ - ViewData["Title"] = "Private Folder: Private Page 2"; -} - -

@ViewData["Title"]

-

@Model.Message

- -

- This page requires authorization by convention: - - options.Conventions.AuthorizeFolder("/Private"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs deleted file mode 100644 index 81a756046218..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs +++ /dev/null @@ -1,19 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Mvc.RazorPages; - -namespace AuthorizationSample.Pages.Private -{ - public class PrivatePage2Model : PageModel - { - public string Message { get; private set; } - - public void OnGet() - { - Message = "A private page inside the Private folder."; - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml deleted file mode 100644 index 671c439e7e1e..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml +++ /dev/null @@ -1,16 +0,0 @@ -@page -@namespace AuthorizationSample.Pages.Private -@model PublicPageModel -@{ - ViewData["Title"] = "Private Folder: Public Page"; -} - -

@ViewData["Title"]

-

@Model.Message

- -

- The Private folder requires authorization, but this page allows anonymous visitors by convention: - - options.Conventions.AllowAnonymousToPage("/Private/PublicPage"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs deleted file mode 100644 index 996a7502f2d9..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs +++ /dev/null @@ -1,19 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Mvc.RazorPages; - -namespace AuthorizationSample.Pages.Private -{ - public class PublicPageModel : PageModel - { - public string Message { get; private set; } - - public void OnGet() - { - Message = "A public page inside the Private folder."; - } - } -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml deleted file mode 100644 index 3e75b2d09d80..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml +++ /dev/null @@ -1,16 +0,0 @@ -@page -@namespace AuthorizationSample.Pages.Private.Public -@model PublicPageModel -@{ - ViewData["Title"] = "Private Folder: PublicPages Folder: Public Page"; -} - -

@ViewData["Title"]

-

@Model.Message

- -

- The Private folder requires authorization, but this page is inside a PublicPages folder that allows anonymous visitors by convention: - - options.Conventions.AllowAnonymousToFolder("/Private/PublicPages"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs
deleted file mode 100644
index 0bc24cf9af1a..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs
+++ /dev/null
@@ -1,19 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages.Private.Public
-{
- public class PublicPageModel : PageModel
- {
- public string Message { get; private set; }
-
- public void OnGet()
- {
- Message = "A public page inside a PublicPages folder inside the Private folder.";
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml
deleted file mode 100644
index 405e1c784367..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml
+++ /dev/null
@@ -1 +0,0 @@
-@using AuthorizationSample.Pages.Private.Public
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml
deleted file mode 100644
index c1b29ede2c14..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml +++ /dev/null @@ -1 +0,0 @@ -@using AuthorizationSample.Pages.Private diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Shared/_Layout.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Shared/_Layout.cshtml deleted file mode 100644 index 8c4cdd8f53b4..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/Shared/_Layout.cshtml +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - @ViewData["Title"] - - - - - -
- @RenderBody() -
- - @RenderSection("Scripts", required: false) - - diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_LoginPartial.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_LoginPartial.cshtml deleted file mode 100644 index d5faf3da2438..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_LoginPartial.cshtml +++ /dev/null @@ -1,16 +0,0 @@ -@if (User.Identity.IsAuthenticated) -{ -
-
    -
  • - -
  • -
-
-}
-else
-{
-
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewImports.cshtml
deleted file mode 100644
index 935a79aefd0d..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewImports.cshtml
+++ /dev/null
@@ -1,4 +0,0 @@
-@using AuthorizationSample
-@using AuthorizationSample.Data
-@namespace AuthorizationSample.Pages
-@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewStart.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewStart.cshtml
deleted file mode 100644
index a5f10045db97..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Pages/_ViewStart.cshtml
+++ /dev/null
@@ -1,3 +0,0 @@
-@{
- Layout = "_Layout";
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Program.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Program.cs
deleted file mode 100644
index 494cff05f31a..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Program.cs
+++ /dev/null
@@ -1,17 +0,0 @@
-using Microsoft.AspNetCore;
-using Microsoft.AspNetCore.Hosting;
-
-namespace AuthorizationSample
-{
- public class Program
- {
- public static void Main(string[] args)
- {
- CreateWebHostBuilder(args).Build().Run();
- }
-
- public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
- WebHost.CreateDefaultBuilder(args)
- .UseStartup();
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/README.md b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/README.md
deleted file mode 100644
index dc3b198cb7d3..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/README.md
+++ /dev/null
@@ -1,16 +0,0 @@
-# ASP.NET Core Authorization Sample
-
-This sample illustrates use of Razor Pages authorization by conventions. This sample demonstrates the features described in the [Razor Pages authorization conventions](https://learn.microsoft.com/aspnet/core/security/authorization/razor-pages-authorization) topic.
-
-User authorization in this sample uses the cookie authentication features described in the [Use cookie authentication without ASP.NET Core Identity](https://learn.microsoft.com/aspnet/core/security/authentication/cookie) topic. The concepts and examples shown in this topic apply equally to apps that use ASP.NET Core Identity. For information on using ASP.NET Core Identity, see [Introduction to Identity on ASP.NET Core](https://learn.microsoft.com/aspnet/core/security/authentication/identity).
-
-Use the email address **maria.rodriguez@contoso.com** to authenticate the user with any password. The user is authenticated in the `AuthenticateUser` method in the `Pages/Account/Login.cshtml.cs` file. In a real-world example, the user would be authenticated against a database.
-
-## Examples in this sample
-
-| Feature | Description |
-| --- | --- |
-| [AuthorizePage](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.authorizepage) | Adds an [AuthorizeFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.authorizefilter) to the page with the specified path. |
-| [AuthorizeFolder](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.authorizefolder) | Adds an [AuthorizeFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.authorizefilter) to all of the pages in a folder with the specified path. 
|
-| [AllowAnonymousToPage](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.allowanonymoustopage) | Adds an [AllowAnonymousFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.allowanonymousfilter) to a page with the specified path. |
-| [AllowAnonymousToFolder](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.allowanonymoustofolder) | Adds an [AllowAnonymousFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.allowanonymousfilter) to all of the pages in a folder with the specified path. |
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs
deleted file mode 100644
index 4332948e8667..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/Startup.cs
+++ /dev/null
@@ -1,51 +0,0 @@
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.DependencyInjection;
-
-namespace AuthorizationSample
-{
- public class Startup
- {
- public void ConfigureServices(IServiceCollection services)
- {
- #region snippet1
- services.AddMvc()
- .AddRazorPagesOptions(options =>
- {
- options.Conventions.AuthorizePage("/Contact");
- options.Conventions.AuthorizeFolder("/Private");
- options.Conventions.AllowAnonymousToPage("/Private/PublicPage");
- options.Conventions.AllowAnonymousToFolder("/Private/PublicPages");
- })
- .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
- #endregion
-
- services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
- .AddCookie();
- }
-
- public void Configure(IApplicationBuilder app, IHostingEnvironment env)
- {
- if (env.IsDevelopment())
- {
- app.UseDeveloperExceptionPage();
- app.UseDatabaseErrorPage();
- }
- else
- {
- app.UseExceptionHandler("/Error");
- app.UseHsts();
- }
-
- app.UseHttpsRedirection();
- app.UseStaticFiles();
-
- app.UseAuthentication();
-
- app.UseMvc();
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.Development.json b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.Development.json
deleted file mode 100644
index 0623a3f445b7..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.Development.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "Logging": {
- "LogLevel": {
- "Default": "Debug",
- "System": "Information",
- "Microsoft": "Information"
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.json b/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.json
deleted file mode 100644
index b7c4ed90944f..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/2.x/AuthorizationSample/appsettings.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
- "Logging": {
- "LogLevel": {
- "Default": "Warning"
- }
- },
- "AllowedHosts": "*"
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/AuthorizationSample.csproj b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/AuthorizationSample.csproj
deleted file mode 100644
index 92605c5a127d..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/AuthorizationSample.csproj
+++ /dev/null
@@ -1,7 +0,0 @@
-
-
-
- netcoreapp3.1
-
-
-
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Controllers/AccountController.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Controllers/AccountController.cs
deleted file mode 100644
index 9233487b0205..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Controllers/AccountController.cs
+++ /dev/null
@@ -1,21 +0,0 @@
-using System;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Logging;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
-
-namespace AuthorizationSample.Controllers
-{
- [Route("[controller]/[action]")]
- public class AccountController : Controller
- {
- [HttpPost]
- public async Task Logout()
- {
- await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-
- return RedirectToPage("/Account/SignedOut");
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Data/ApplicationUser.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Data/ApplicationUser.cs
deleted file mode 100644
index 9757f76925c6..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Data/ApplicationUser.cs
+++ /dev/null
@@ -1,8 +0,0 @@
-namespace AuthorizationSample.Data
-{
- public class ApplicationUser
- {
- public string Email { get; set; }
- public string FullName { get; set; }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs
deleted file mode 100644
index 8dbd19c6d082..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Extensions/UrlHelperExtensions.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-
-namespace Microsoft.AspNetCore.Mvc
-{
- public static class UrlHelperExtensions
- {
- public static string GetLocalUrl(this IUrlHelper urlHelper, string localUrl)
- {
- if (!urlHelper.IsLocalUrl(localUrl))
- {
- return urlHelper.Page("/Index");
- }
-
- return localUrl;
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml
deleted file mode 100644
index 0b7b901a98d2..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml
+++ /dev/null
@@ -1,27 +0,0 @@
-@page
-@model LoginModel
-@{
- ViewData["Title"] = "Log in";
-}
-
-

@ViewData["Title"]

-
-
-

Use a local account to log in.

-
-
-
- - - -
-
- - - -
-
- -
-
-
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml.cs
deleted file mode 100644
index f8e1223429c7..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/Login.cshtml.cs
+++ /dev/null
@@ -1,104 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.ComponentModel.DataAnnotations;
-using System.Security.Claims;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-using AuthorizationSample.Data;
-
-namespace AuthorizationSample.Pages.Account
-{
- public class LoginModel : PageModel
- {
- [BindProperty]
- public InputModel Input { get; set; }
-
- public string ReturnUrl { get; private set; }
-
- [TempData]
- public string ErrorMessage { get; set; }
-
- public class InputModel
- {
- [Required]
- [EmailAddress]
- public string Email { get; set; }
-
- [Required]
- [DataType(DataType.Password)]
- public string Password { get; set; }
- }
-
- public async Task OnGetAsync(string returnUrl = null)
- {
- if (!string.IsNullOrEmpty(ErrorMessage))
- {
- ModelState.AddModelError(string.Empty, ErrorMessage);
- }
-
- // Clear the existing external cookie
- await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-
- ReturnUrl = returnUrl;
- }
-
- public async Task OnPostAsync(string returnUrl = null)
- {
- ReturnUrl = returnUrl;
-
- if (ModelState.IsValid)
- {
- var user = await AuthenticateUser(Input.Email, Input.Password);
-
- if (user == null)
- {
- ModelState.AddModelError(string.Empty, "Invalid login attempt.");
- return Page();
- }
-
- var claims = new List
- {
- new Claim(ClaimTypes.Name, user.Email),
- new Claim("FullName", user.FullName)
- };
-
- var claimsIdentity = new ClaimsIdentity(
- claims, CookieAuthenticationDefaults.AuthenticationScheme);
-
- await HttpContext.SignInAsync(
- CookieAuthenticationDefaults.AuthenticationScheme,
- new ClaimsPrincipal(claimsIdentity));
-
- return LocalRedirect(Url.GetLocalUrl(returnUrl));
- }
-
- // Something failed. Redisplay the form. 
- return Page();
- }
-
- private async Task AuthenticateUser(string email, string password)
- {
- // For demonstration purposes, authenticate a user
- // with a static email address. Ignore the password.
- // Assume that checking the database takes 500ms
-
- await Task.Delay(500);
-
- if (string.Equals(email, "maria.rodriguez@contoso.com", StringComparison.OrdinalIgnoreCase))
- {
- return new ApplicationUser()
- {
- Email = "maria.rodriguez@contoso.com",
- FullName = "Maria Rodriguez"
- };
- }
- else
- {
- return null;
- }
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml
deleted file mode 100644
index e18ba199c769..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml
+++ /dev/null
@@ -1,10 +0,0 @@
-@page
-@model SignedOutModel
-@{
- ViewData["Title"] = "Signed out";
-}
-
-

@ViewData["Title"]

-

- You have successfully signed out. -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs
deleted file mode 100644
index 3c580ce57994..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/SignedOut.cshtml.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages.Account
-{
- public class SignedOutModel : PageModel
- {
- public IActionResult OnGet()
- {
- if (User.Identity.IsAuthenticated)
- {
- // Redirect to home page if the user is authenticated.
- return RedirectToPage("/Index");
- }
-
- return Page();
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml
deleted file mode 100644
index d4f38aecaf23..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Account/_ViewImports.cshtml
+++ /dev/null
@@ -1 +0,0 @@
-@using AuthorizationSample.Pages.Account
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml
deleted file mode 100644
index 6085eaf62dc2..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml
+++ /dev/null
@@ -1,27 +0,0 @@
-@page
-@model ContactModel
-@{
- ViewData["Title"] = "Contact";
-}
-
-

@ViewData["Title"]

-

@Model.Message

- -

- This page requires authorization by convention: - - options.Conventions.AuthorizePage("/Contact"); - -

- -
- One Microsoft Way
- Redmond, WA 98052-6399
- P: - 425.555.0100 -
- -
- Support: Support@example.com
- Marketing: Marketing@example.com -
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml.cs
deleted file mode 100644
index 2cd410df8c03..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Contact.cshtml.cs
+++ /dev/null
@@ -1,19 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages
-{
- public class ContactModel : PageModel
- {
- public string Message { get; private set; }
-
- public void OnGet()
- {
- Message = "Your contact page.";
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml
deleted file mode 100644
index 693d5fde8b45..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml
+++ /dev/null
@@ -1,26 +0,0 @@
-@page
-@model ErrorModel
-@{
- ViewData["Title"] = "Error";
-}
-
-

Error.

-

An error occurred while processing your request.

- -@if (Model.ShowRequestId) -{ -

- Request ID: @Model.RequestId -

-} - -

Development Mode

-

- Swapping to the Development environment displays detailed information about the error that occurred. -

-

- The Development environment shouldn't be enabled for deployed applications. - It can result in displaying sensitive information from exceptions to end users. - For local debugging, enable the Development environment by setting the ASPNETCORE_ENVIRONMENT environment variable to Development - and restarting the app. -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml.cs
deleted file mode 100644
index cb1f50cb4fb6..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Error.cshtml.cs
+++ /dev/null
@@ -1,23 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Diagnostics;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages
-{
- [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
- public class ErrorModel : PageModel
- {
- public string RequestId { get; set; }
-
- public bool ShowRequestId => !string.IsNullOrEmpty(RequestId);
-
- public void OnGet()
- {
- RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier;
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml
deleted file mode 100644
index e2ab8a97fb67..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml
+++ /dev/null
@@ -1,13 +0,0 @@
-@page
-@model IndexModel
-@{
- ViewData["Title"] = "Authorization Sample";
-}
-
-@if (User.Identity.IsAuthenticated)
-{
-
-
Hello @User.Claims.FirstOrDefault(c => c.Type == "FullName")?.Value!
-

Username: @User.Identity.Name

-
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml.cs
deleted file mode 100644
index b6c8e433f8a5..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Index.cshtml.cs
+++ /dev/null
@@ -1,17 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages
-{
- public class IndexModel : PageModel
- {
- public void OnGet()
- {
-
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml
deleted file mode 100644
index 895c3aa3bc25..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml
+++ /dev/null
@@ -1,16 +0,0 @@
-@page
-@namespace AuthorizationSample.Pages.Private
-@model PrivatePage1Model
-@{
- ViewData["Title"] = "Private Folder: Private Page 1";
-}
-
-

@ViewData["Title"]

-

@Model.Message

- -

- This page requires authorization by convention: - - options.Conventions.AuthorizeFolder("/Private"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs
deleted file mode 100644
index a98fb3a5645d..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage1.cshtml.cs
+++ /dev/null
@@ -1,19 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages.Private
-{
- public class PrivatePage1Model : PageModel
- {
- public string Message { get; private set; }
-
- public void OnGet()
- {
- Message = "A private page inside the Private folder.";
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml
deleted file mode 100644
index 2499faedb113..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml
+++ /dev/null
@@ -1,16 +0,0 @@
-@page
-@namespace AuthorizationSample.Pages.Private
-@model PrivatePage2Model
-@{
- ViewData["Title"] = "Private Folder: Private Page 2";
-}
-
-

@ViewData["Title"]

-

@Model.Message

- -

- This page requires authorization by convention: - - options.Conventions.AuthorizeFolder("/Private"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs
deleted file mode 100644
index 81a756046218..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PrivatePage2.cshtml.cs
+++ /dev/null
@@ -1,19 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages.Private
-{
- public class PrivatePage2Model : PageModel
- {
- public string Message { get; private set; }
-
- public void OnGet()
- {
- Message = "A private page inside the Private folder.";
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml
deleted file mode 100644
index 671c439e7e1e..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml
+++ /dev/null
@@ -1,16 +0,0 @@
-@page
-@namespace AuthorizationSample.Pages.Private
-@model PublicPageModel
-@{
- ViewData["Title"] = "Private Folder: Public Page";
-}
-
-

@ViewData["Title"]

-

@Model.Message

- -

- The Private folder requires authorization, but this page allows anonymous visitors by convention: - - options.Conventions.AllowAnonymousToPage("/Private/PublicPage"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs
deleted file mode 100644
index 996a7502f2d9..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPage.cshtml.cs
+++ /dev/null
@@ -1,19 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages.Private
-{
- public class PublicPageModel : PageModel
- {
- public string Message { get; private set; }
-
- public void OnGet()
- {
- Message = "A public page inside the Private folder.";
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml
deleted file mode 100644
index 3e75b2d09d80..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml
+++ /dev/null
@@ -1,16 +0,0 @@
-@page
-@namespace AuthorizationSample.Pages.Private.Public
-@model PublicPageModel
-@{
- ViewData["Title"] = "Private Folder: PublicPages Folder: Public Page";
-}
-
-

@ViewData["Title"]

-

@Model.Message

- -

- The Private folder requires authorization, but this page is inside a PublicPages folder that allows anonymous visitors by convention: - - options.Conventions.AllowAnonymousToFolder("/Private/PublicPages"); - -

diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs
deleted file mode 100644
index 0bc24cf9af1a..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/PublicPage.cshtml.cs
+++ /dev/null
@@ -1,19 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc.RazorPages;
-
-namespace AuthorizationSample.Pages.Private.Public
-{
- public class PublicPageModel : PageModel
- {
- public string Message { get; private set; }
-
- public void OnGet()
- {
- Message = "A public page inside a PublicPages folder inside the Private folder.";
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml
deleted file mode 100644
index 405e1c784367..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/PublicPages/_ViewImports.cshtml
+++ /dev/null
@@ -1 +0,0 @@
-@using AuthorizationSample.Pages.Private.Public
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml
deleted file mode 100644
index c1b29ede2c14..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Private/_ViewImports.cshtml +++ /dev/null @@ -1 +0,0 @@ -@using AuthorizationSample.Pages.Private diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Shared/_Layout.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Shared/_Layout.cshtml deleted file mode 100644 index 8c4cdd8f53b4..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/Shared/_Layout.cshtml +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - @ViewData["Title"] - - - - - -
- @RenderBody() -
- - @RenderSection("Scripts", required: false) - - diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_LoginPartial.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_LoginPartial.cshtml deleted file mode 100644 index d5faf3da2438..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_LoginPartial.cshtml +++ /dev/null @@ -1,16 +0,0 @@ -@if (User.Identity.IsAuthenticated) -{ -
-
    -
  • - -
  • -
-
-} -else -{ - -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewImports.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewImports.cshtml deleted file mode 100644 index 935a79aefd0d..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewImports.cshtml +++ /dev/null @@ -1,4 +0,0 @@ -@using AuthorizationSample -@using AuthorizationSample.Data -@namespace AuthorizationSample.Pages -@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewStart.cshtml b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewStart.cshtml deleted file mode 100644 index a5f10045db97..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Pages/_ViewStart.cshtml +++ /dev/null @@ -1,3 +0,0 @@ -@{ - Layout = "_Layout"; -} diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Program.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Program.cs deleted file mode 100644 index f522a0401da5..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Program.cs +++ /dev/null 
@@ -1,26 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.Extensions.Configuration;
-using Microsoft.Extensions.Hosting;
-using Microsoft.Extensions.Logging;
-
-namespace AuthorizationSample
-{
- public class Program
- {
- public static void Main(string[] args)
- {
- CreateHostBuilder(args).Build().Run();
- }
-
- public static IHostBuilder CreateHostBuilder(string[] args) =>
- Host.CreateDefaultBuilder(args)
- .ConfigureWebHostDefaults(webBuilder =>
- {
- webBuilder.UseStartup();
- });
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/README.md b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/README.md
deleted file mode 100644
index dc3b198cb7d3..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/README.md
+++ /dev/null
@@ -1,16 +0,0 @@
-# ASP.NET Core Authorization Sample
-
-This sample illustrates use of Razor Pages authorization by conventions. This sample demonstrates the features described in the [Razor Pages authorization conventions](https://learn.microsoft.com/aspnet/core/security/authorization/razor-pages-authorization) topic.
-
-User authorization in this sample uses the cookie authentication features described in the [Use cookie authentication without ASP.NET Core Identity](https://learn.microsoft.com/aspnet/core/security/authentication/cookie) topic. The concepts and examples shown in this topic apply equally to apps that use ASP.NET Core Identity. For information on using ASP.NET Core Identity, see [Introduction to Identity on ASP.NET Core](https://learn.microsoft.com/aspnet/core/security/authentication/identity).
-
-Use the email address **maria.rodriguez@contoso.com** to authenticate the user with any password. The user is authenticated in the `AuthenticateUser` method in the `Pages/Account/Login.cshtml.cs` file. In a real-world example, the user would be authenticated against a database.
-
-## Examples in this sample
-
-| Feature | Description |
-| --- | --- |
-| [AuthorizePage](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.authorizepage) | Adds an [AuthorizeFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.authorizefilter) to the page with the specified path. |
-| [AuthorizeFolder](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.authorizefolder) | Adds an [AuthorizeFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.authorizefilter) to all of the pages in a folder with the specified path. |
-| [AllowAnonymousToPage](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.allowanonymoustopage) | Adds an [AllowAnonymousFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.allowanonymousfilter) to a page with the specified path. |
-| [AllowAnonymousToFolder](https://learn.microsoft.com/dotnet/api/microsoft.extensions.dependencyinjection.pageconventioncollectionextensions.allowanonymoustofolder) | Adds an [AllowAnonymousFilter](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.mvc.authorization.allowanonymousfilter) to all of the pages in a folder with the specified path. |
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs
deleted file mode 100644
index aada02b819c4..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/Startup.cs
+++ /dev/null
@@ -1,55 +0,0 @@
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Hosting;
-
-namespace AuthorizationSample
-{
- public class Startup
- {
- public void ConfigureServices(IServiceCollection services)
- {
- services.AddControllers();
-
- #region snippet1
- services.AddRazorPages(options =>
- {
- options.Conventions.AuthorizePage("/Contact");
- options.Conventions.AuthorizeFolder("/Private");
- options.Conventions.AllowAnonymousToPage("/Private/PublicPage");
- options.Conventions.AllowAnonymousToFolder("/Private/PublicPages");
- });
- #endregion
-
- services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
- .AddCookie();
- }
-
- public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
- {
- if (env.IsDevelopment())
- {
- app.UseDeveloperExceptionPage();
- }
- else
- {
- app.UseExceptionHandler("/Error");
- app.UseHsts();
- }
-
- app.UseHttpsRedirection();
- app.UseStaticFiles();
- app.UseRouting();
-
- app.UseAuthentication();
- app.UseAuthorization();
-
- app.UseEndpoints(endpoints =>
- {
- endpoints.MapControllers();
- endpoints.MapRazorPages();
- });
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.Development.json b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.Development.json
deleted file mode 100644
index 0623a3f445b7..000000000000
--- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.Development.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "Logging": {
- "LogLevel": {
- "Default": "Debug",
- "System": "Information",
- "Microsoft": "Information"
- }
- }
-}
diff --git a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.json b/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.json deleted file mode 100644 index b7c4ed90944f..000000000000 --- a/aspnetcore/security/authorization/razor-pages-authorization/samples/3.x/AuthorizationSample/appsettings.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "Logging": { - "LogLevel": { - "Default": "Warning" - } - }, - "AllowedHosts": "*" -} diff --git a/aspnetcore/test/integration-tests.md b/aspnetcore/test/integration-tests.md index 797bc9a8c099..ce27e00bdee9 100644 --- a/aspnetcore/test/integration-tests.md +++ b/aspnetcore/test/integration-tests.md @@ -321,7 +321,7 @@ Tests in the `AuthTests` class check that a secure endpoint: * Redirects an unauthenticated user to the app's sign in page. * Returns content for an authenticated user. -In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization#require-authorization-to-access-a-page). +In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions#require-authorization-to-access-a-page). [!code-csharp[](~/../AspNetCore.Docs.Samples/test/integration-tests/10.x/IntegrationTestsSample/src/RazorPagesProject/Program.cs?name=snippet1)] diff --git a/aspnetcore/test/integration-tests/includes/integration-tests5.md b/aspnetcore/test/integration-tests/includes/integration-tests5.md index cd2691b85e8e..f2a1ab1b62cb 100644 --- a/aspnetcore/test/integration-tests/includes/integration-tests5.md +++ b/aspnetcore/test/integration-tests/includes/integration-tests5.md 
@@ -208,7 +208,7 @@ Tests in the `AuthTests` class check that a secure endpoint: * Redirects an unauthenticated user to the app's Login page. * Returns content for an authenticated user. -In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization#require-authorization-to-access-a-page). +In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions#require-authorization-to-access-a-page). [!code-csharp[](~/test/integration-tests/samples/3.x/IntegrationTestsSample/src/RazorPagesProject/Startup.cs?name=snippet1)] diff --git a/aspnetcore/test/integration-tests/includes/integration-tests7.md b/aspnetcore/test/integration-tests/includes/integration-tests7.md index 038032ad2ec4..940619c2085a 100644 --- a/aspnetcore/test/integration-tests/includes/integration-tests7.md +++ b/aspnetcore/test/integration-tests/includes/integration-tests7.md @@ -212,7 +212,7 @@ Tests in the `AuthTests` class check that a secure endpoint: * Redirects an unauthenticated user to the app's sign in page. * Returns content for an authenticated user. -In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization#require-authorization-to-access-a-page). +In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions#require-authorization-to-access-a-page). [!code-csharp[](~/../AspNetCore.Docs.Samples/test/integration-tests/7.x/IntegrationTestsSample/src/RazorPagesProject/Program.cs?name=snippet1)] 
diff --git a/aspnetcore/test/integration-tests/includes/integration-tests8.md b/aspnetcore/test/integration-tests/includes/integration-tests8.md index ccda49fa2203..a76460e33415 100644 --- a/aspnetcore/test/integration-tests/includes/integration-tests8.md +++ b/aspnetcore/test/integration-tests/includes/integration-tests8.md @@ -212,7 +212,7 @@ Tests in the `AuthTests` class check that a secure endpoint: * Redirects an unauthenticated user to the app's sign in page. * Returns content for an authenticated user. -In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization#require-authorization-to-access-a-page). +In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions#require-authorization-to-access-a-page). [!code-csharp[](~/../AspNetCore.Docs.Samples/test/integration-tests/8.x/IntegrationTestsSample/src/RazorPagesProject/Program.cs?name=snippet1)] diff --git a/aspnetcore/test/integration-tests/includes/integration-tests9.md b/aspnetcore/test/integration-tests/includes/integration-tests9.md index 7a75aaccca40..53c5dbd9cae1 100644 --- a/aspnetcore/test/integration-tests/includes/integration-tests9.md +++ b/aspnetcore/test/integration-tests/includes/integration-tests9.md 
@@ -324,7 +324,7 @@ Tests in the `AuthTests` class check that a secure endpoint: * Redirects an unauthenticated user to the app's sign in page. * Returns content for an authenticated user. -In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:security/authorization/razor-pages-authorization#require-authorization-to-access-a-page). +In the SUT, the `/SecurePage` page uses an convention to apply an to the page. For more information, see [Razor Pages authorization conventions](xref:razor-pages/security/authorization/conventions#require-authorization-to-access-a-page). [!code-csharp[](~/../AspNetCore.Docs.Samples/test/integration-tests/9.x/IntegrationTestsSample/src/RazorPagesProject/Program.cs?name=snippet1)] diff --git a/aspnetcore/toc.yml b/aspnetcore/toc.yml index 60dba7844c64..b78dae546522 100644 --- a/aspnetcore/toc.yml +++ b/aspnetcore/toc.yml @@ -571,6 +571,8 @@ items: items: - name: Simple authorization uid: razor-pages/security/authorization/simple + - name: Authorization conventions + uid: razor-pages/security/authorization/conventions - name: MVC items: - name: Overview @@ -2074,8 +2076,6 @@ items: uid: security/authorization/introduction - name: Create a web app with authorization uid: security/authorization/secure-data - - name: Razor Pages authorization conventions - uid: security/authorization/razor-pages-authorization - name: Simple authorization uid: security/authorization/simple - name: Custom authorization with IAuthorizationRequirementData