Thank you Steve for coming back to share your solution! Very helpful. I ran into a similar problem and about pulled my hair out even trying to identify the culprit - worked on one page, not another.

I just wanted to share one other mention, sourced from the official documentation on anti-forgery in ASP.NET Core: https://learn.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-9.0#antiforgery-in-aspnet-core

If you simply have a form with method="post" in one of your Razor pages, even without an action and even if not otherwise used for anything, it will automatically create the hidden input you referenced. Didn't have to add anything to Program.cs or form attribute additions.