diff --git a/src/Microsoft.AspNetCore.Identity/IdentityServiceCollectionExtensions.cs b/src/Microsoft.AspNetCore.Identity/IdentityServiceCollectionExtensions.cs
index af0d7e62eb..386084e8a0 100644
--- a/src/Microsoft.AspNetCore.Identity/IdentityServiceCollectionExtensions.cs
+++ b/src/Microsoft.AspNetCore.Identity/IdentityServiceCollectionExtensions.cs
@@ -8,7 +8,7 @@ using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection.Extensions;
-using Microsoft.Extensions.Options;
+using Microsoft.Extensions.Options.Infrastructure;
 
 namespace Microsoft.Extensions.DependencyInjection
 {
@@ -17,10 +17,10 @@ namespace Microsoft.Extensions.DependencyInjection
     /// </summary>
     public static class IdentityServiceCollectionExtensions
     {
-        internal class IdentityConfigureOptions : ConfigureOptions<IdentityOptions>
+        internal class IdentityConfigureOptions : ConfigureDefaultOptions<IdentityOptions>
         {
             public IdentityConfigureOptions(IConfiguration config) :
-                base(options => config.GetSection("Identity").Bind(options))
+                base(options => config.GetSection("Microsoft:AspNetCore:Identity").Bind(options))
             { }
         }
 
@@ -119,7 +119,7 @@ namespace Microsoft.Extensions.DependencyInjection
             services.TryAddScoped<SignInManager<TUser>, SignInManager<TUser>>();
             services.TryAddScoped<RoleManager<TRole>, AspNetRoleManager<TRole>>();
 
-            services.AddSingleton<IConfigureOptions<IdentityOptions>, IdentityConfigureOptions>();
+            services.AddSingleton<ConfigureDefaultOptions<IdentityOptions>, IdentityConfigureOptions>();
             if (setupAction != null)
             {
                 services.Configure(setupAction);
diff --git a/test/Microsoft.AspNetCore.Identity.Test/IdentityOptionsTest.cs b/test/Microsoft.AspNetCore.Identity.Test/IdentityOptionsTest.cs
index d3cca4b972..5c19c14e20 100644
--- a/test/Microsoft.AspNetCore.Identity.Test/IdentityOptionsTest.cs
+++ b/test/Microsoft.AspNetCore.Identity.Test/IdentityOptionsTest.cs
@@ -8,6 +8,7 @@ using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
+using Microsoft.Extensions.Options.Infrastructure;
 using Xunit;
 
 namespace Microsoft.AspNetCore.Identity.Test
@@ -48,27 +49,28 @@ namespace Microsoft.AspNetCore.Identity.Test
 
             var dic = new Dictionary<string, string>
             {
-                {"identity:claimsidentity:roleclaimtype", roleClaimType},
-                {"identity:claimsidentity:usernameclaimtype", usernameClaimType},
-                {"identity:claimsidentity:useridclaimtype", useridClaimType},
-                {"identity:claimsidentity:securitystampclaimtype", securityStampClaimType},
-                {"identity:user:requireUniqueEmail", "true"},
-                {"identity:password:RequiredLength", "10"},
-                {"identity:password:RequiredUniqueChars", "5"},
-                {"identity:password:RequireNonAlphanumeric", "false"},
-                {"identity:password:RequireUpperCase", "false"},
-                {"identity:password:RequireDigit", "false"},
-                {"identity:password:RequireLowerCase", "false"},
-                {"identity:lockout:AllowedForNewUsers", "FALSe"},
-                {"identity:lockout:MaxFailedAccessAttempts", "1000"}
+                {"microsoft:aspnetcore:identity:claimsidentity:roleclaimtype", roleClaimType},
+                {"microsoft:aspnetcore:identity:claimsidentity:usernameclaimtype", usernameClaimType},
+                {"microsoft:aspnetcore:identity:claimsidentity:useridclaimtype", useridClaimType},
+                {"microsoft:aspnetcore:identity:claimsidentity:securitystampclaimtype", securityStampClaimType},
+                {"microsoft:aspnetcore:identity:user:requireUniqueEmail", "true"},
+                {"microsoft:aspnetcore:identity:password:RequiredLength", "10"},
+                {"microsoft:aspnetcore:identity:password:RequiredUniqueChars", "5"},
+                {"microsoft:aspnetcore:identity:password:RequireNonAlphanumeric", "false"},
+                {"microsoft:aspnetcore:identity:password:RequireUpperCase", "false"},
+                {"microsoft:aspnetcore:identity:password:RequireDigit", "false"},
+                {"microsoft:aspnetcore:identity:password:RequireLowerCase", "false"},
+                {"microsoft:aspnetcore:identity:lockout:AllowedForNewUsers", "FALSe"},
+                {"microsoft:aspnetcore:identity:lockout:MaxFailedAccessAttempts", "1000"}
             };
             var builder = new ConfigurationBuilder();
             builder.AddInMemoryCollection(dic);
             var config = builder.Build();
-            Assert.Equal(roleClaimType, config["identity:claimsidentity:roleclaimtype"]);
+            Assert.Equal(roleClaimType, config["microsoft:aspnetcore:identity:claimsidentity:roleclaimtype"]);
 
-            var services = new ServiceCollection();
-            services.AddSingleton<IConfiguration>(config);
+            var services = new ServiceCollection()
+                .AddSingleton<IConfiguration>(config)
+                .AddSingleton<IConfigureOptions<IdentityOptions>, ConfigureDefaults<IdentityOptions>>();
             services.AddIdentity<TestUser,TestRole>();
             var accessor = services.BuildServiceProvider().GetRequiredService<IOptions<IdentityOptions>>();
             Assert.NotNull(accessor);
@@ -94,14 +96,14 @@ namespace Microsoft.AspNetCore.Identity.Test
         {
             var dic = new Dictionary<string, string>
             {
-                {"identity:user:requireUniqueEmail", "true"},
-                {"identity:lockout:MaxFailedAccessAttempts", "1000"}
+                {"microsoft:aspnetcore:identity:user:requireUniqueEmail", "true"},
+                {"microsoft:aspnetcore:identity:lockout:MaxFailedAccessAttempts", "1000"}
             };
             var builder = new ConfigurationBuilder();
             builder.AddInMemoryCollection(dic);
-            var config = builder.Build();
-            var services = new ServiceCollection();
-            services.AddSingleton<IConfiguration>(config);
+            var services = new ServiceCollection()
+                .AddSingleton<IConfiguration>(builder.Build())
+                .AddSingleton<IConfigureOptions<IdentityOptions>, ConfigureDefaults<IdentityOptions>>();
             services.AddIdentity<TestUser, TestRole>(o => { o.User.RequireUniqueEmail = false; o.Lockout.MaxFailedAccessAttempts++; });
             var accessor = services.BuildServiceProvider().GetRequiredService<IOptions<IdentityOptions>>();
             Assert.NotNull(accessor);
@@ -113,9 +115,7 @@ namespace Microsoft.AspNetCore.Identity.Test
         [Fact]
         public void CanCustomizeIdentityOptions()
         {
-            var services = new ServiceCollection()
-                .AddSingleton<IConfiguration>(new ConfigurationBuilder().Build())
-                .Configure<IdentityOptions>(options => options.Password.RequiredLength = -1);
+            var services = new ServiceCollection().Configure<IdentityOptions>(options => options.Password.RequiredLength = -1);
             services.AddIdentity<TestUser,TestRole>();
             var serviceProvider = services.BuildServiceProvider();
 
@@ -135,8 +135,7 @@ namespace Microsoft.AspNetCore.Identity.Test
         [Fact]
         public void CanSetupIdentityOptions()
         {
-            var services = new ServiceCollection()
-                .AddSingleton<IConfiguration>(new ConfigurationBuilder().Build());
+            var services = new ServiceCollection();
             services.AddIdentity<TestUser,TestRole>(options => options.User.RequireUniqueEmail = true);
             var serviceProvider = services.BuildServiceProvider();