diff --git a/src/Web/WebMVC/Extensions/Extensions.cs b/src/Web/WebMVC/Extensions/Extensions.cs
index 58ad01203..4118f167a 100644
--- a/src/Web/WebMVC/Extensions/Extensions.cs
+++ b/src/Web/WebMVC/Extensions/Extensions.cs
@@ -2,21 +2,21 @@
 // Refer to https://github.com/dotnet-architecture/eShopOnContainers/issues/1391
 internal static class Extensions
 {
-    public static void AddHealthChecks(this WebApplicationBuilder builder)
+    public static void AddHealthChecks(this IServiceCollection services, IConfiguration configuration)
     {
-        builder.Services.AddHealthChecks()
-            .AddUrlGroup(_ => new Uri(builder.Configuration["IdentityUrlHC"]), name: "identityapi-check", tags: new string[] { "identityapi" });
+        services.AddHealthChecks()
+            .AddUrlGroup(_ => new Uri(configuration["IdentityUrlHC"]), name: "identityapi-check", tags: new string[] { "identityapi" });
     }
 
-    public static void AddApplicationSevices(this WebApplicationBuilder builder)
+    public static void AddApplicationSevices(this IServiceCollection services, IConfiguration configuration)
     {
-        builder.Services.Configure<AppSettings>(builder.Configuration)
-            .AddSession()
-            .AddDistributedMemoryCache();
+        services.Configure<AppSettings>(configuration)
+                .AddSession()
+                .AddDistributedMemoryCache();
 
-        if (builder.Configuration["DPConnectionString"] is string redisConnection)
+        if (configuration["DPConnectionString"] is string redisConnection)
         {
-            builder.Services.AddDataProtection(opts =>
+            services.AddDataProtection(opts =>
             {
                 opts.ApplicationDiscriminator = "eshop.webmvc";
             })
@@ -25,39 +25,38 @@ internal static class Extensions
     }
 
     // Adds all Http client services
-    public static void AddHttpClientServices(this WebApplicationBuilder builder)
+    public static void AddHttpClientServices(this IServiceCollection services)
     {
         // Register delegating handlers
-        builder.Services.AddTransient<HttpClientAuthorizationDelegatingHandler>()
+        services.AddTransient<HttpClientAuthorizationDelegatingHandler>()
             .AddTransient<HttpClientRequestIdDelegatingHandler>();
 
         // Add http client services
-        builder.Services.AddHttpClient<IBasketService, BasketService>()
+        services.AddHttpClient<IBasketService, BasketService>()
                 .SetHandlerLifetime(TimeSpan.FromMinutes(5))  //Sample. Default lifetime is 2 minutes
                 .AddHttpMessageHandler<HttpClientAuthorizationDelegatingHandler>();
 
-        builder.Services.AddHttpClient<ICatalogService, CatalogService>();
+        services.AddHttpClient<ICatalogService, CatalogService>();
 
-        builder.Services.AddHttpClient<IOrderingService, OrderingService>()
+        services.AddHttpClient<IOrderingService, OrderingService>()
                 .AddHttpMessageHandler<HttpClientAuthorizationDelegatingHandler>()
                 .AddHttpMessageHandler<HttpClientRequestIdDelegatingHandler>();
 
 
         //add custom application services
-        builder.Services.AddTransient<IIdentityParser<ApplicationUser>, IdentityParser>();
+        services.AddTransient<IIdentityParser<ApplicationUser>, IdentityParser>();
     }
 
-    public static void AddAuthenticationServices(this WebApplicationBuilder builder)
+    public static void AddAuthenticationServices(this IServiceCollection services, IConfiguration configuration)
     {
         JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Remove("sub");
 
-        var identityUrl = builder.Configuration.GetRequiredValue("IdentityUrl");
-        var callBackUrl = builder.Configuration.GetRequiredValue("CallBackUrl");
-        var sessionCookieLifetime = builder.Configuration.GetValue("SessionCookieLifetimeMinutes", 60);
+        var identityUrl = configuration.GetRequiredValue("IdentityUrl");
+        var callBackUrl = configuration.GetRequiredValue("CallBackUrl");
+        var sessionCookieLifetime = configuration.GetValue("SessionCookieLifetimeMinutes", 60);
 
         // Add Authentication services
-
-        builder.Services.AddAuthentication(options =>
+        services.AddAuthentication(options =>
         {
             options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
             options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
diff --git a/src/Web/WebMVC/Program.cs b/src/Web/WebMVC/Program.cs
index fac986d73..8939a24c9 100644
--- a/src/Web/WebMVC/Program.cs
+++ b/src/Web/WebMVC/Program.cs
@@ -4,10 +4,10 @@ builder.AddServiceDefaults();
 
 builder.Services.AddControllersWithViews();
 
-builder.AddHealthChecks();
-builder.AddApplicationSevices();
-builder.AddHttpClientServices();
-builder.AddAuthenticationServices();
+builder.Services.AddHealthChecks(builder.Configuration);
+builder.Services.AddApplicationSevices(builder.Configuration);
+builder.Services.AddAuthenticationServices(builder.Configuration);
+builder.Services.AddHttpClientServices();
 
 var app = builder.Build();
 
@@ -20,11 +20,6 @@ app.UseSession();
 // Refer to https://github.com/dotnet-architecture/eShopOnContainers/issues/1391
 app.UseCookiePolicy(new CookiePolicyOptions { MinimumSameSitePolicy = SameSiteMode.Lax });
 
-app.UseRouting();
-
-app.UseAuthentication();
-app.UseAuthorization();
-
 app.MapControllerRoute("default", "{controller=Catalog}/{action=Index}/{id?}");
 app.MapControllerRoute("defaultError", "{controller=Error}/{action=Error}");
 app.MapControllers();