diff --git a/src/Umbraco.Tests.UnitTests/TestHelpers/Objects/TestUmbracoContextFactory.cs b/src/Umbraco.Tests.UnitTests/TestHelpers/Objects/TestUmbracoContextFactory.cs
index 15c2e91bc5..4c0578c0be 100644
--- a/src/Umbraco.Tests.UnitTests/TestHelpers/Objects/TestUmbracoContextFactory.cs
+++ b/src/Umbraco.Tests.UnitTests/TestHelpers/Objects/TestUmbracoContextFactory.cs
@@ -8,7 +8,6 @@ using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.PublishedCache;
 using Umbraco.Cms.Core.Routing;
-using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Web;
 using Umbraco.Cms.Tests.Common;
 using Umbraco.Cms.Web.Common.AspNetCore;
@@ -57,9 +56,6 @@ namespace Umbraco.Cms.Tests.UnitTests.TestHelpers.Objects
 
             IHostingEnvironment hostingEnvironment = TestHelper.GetHostingEnvironment();
 
-            var backofficeSecurityAccessorMock = new Mock<IBackOfficeSecurityAccessor>();
-            backofficeSecurityAccessorMock.Setup(x => x.BackOfficeSecurity).Returns(Mock.Of<IBackOfficeSecurity>());
-
             var umbracoContextFactory = new UmbracoContextFactory(
                 umbracoContextAccessor,
                 snapshotService.Object,
@@ -70,7 +66,7 @@ namespace Umbraco.Cms.Tests.UnitTests.TestHelpers.Objects
                 new UriUtility(hostingEnvironment),
                 new AspNetCoreCookieManager(httpContextAccessor),
                 Mock.Of<IRequestAccessor>(),
-                backofficeSecurityAccessorMock.Object);
+                httpContextAccessor);
 
             return umbracoContextFactory;
         }
diff --git a/src/Umbraco.Web.Common/UmbracoContext/UmbracoContext.cs b/src/Umbraco.Web.Common/UmbracoContext/UmbracoContext.cs
index c31fe4dd3e..901b3d613c 100644
--- a/src/Umbraco.Web.Common/UmbracoContext/UmbracoContext.cs
+++ b/src/Umbraco.Web.Common/UmbracoContext/UmbracoContext.cs
@@ -1,10 +1,10 @@
 using System;
+using Microsoft.AspNetCore.Http;
 using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.Models.PublishedContent;
 using Umbraco.Cms.Core.PublishedCache;
 using Umbraco.Cms.Core.Routing;
-using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Web;
 using Umbraco.Extensions;
 
@@ -19,10 +19,10 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
         private readonly UriUtility _uriUtility;
         private readonly ICookieManager _cookieManager;
         private readonly IRequestAccessor _requestAccessor;
+        private readonly IHttpContextAccessor _httpContextAccessor;
         private readonly Lazy<IPublishedSnapshot> _publishedSnapshot;
         private string _previewToken;
         private bool? _previewing;
-        private readonly IBackOfficeSecurity _backofficeSecurity;
         private readonly UmbracoRequestPaths _umbracoRequestPaths;
         private Uri _originalRequestUrl;
         private Uri _cleanedUmbracoUrl;
@@ -33,13 +33,13 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
         // warn: does *not* manage setting any IUmbracoContextAccessor
         internal UmbracoContext(
             IPublishedSnapshotService publishedSnapshotService,
-            IBackOfficeSecurity backofficeSecurity,
             UmbracoRequestPaths umbracoRequestPaths,
             IHostingEnvironment hostingEnvironment,
             IVariationContextAccessor variationContextAccessor,
             UriUtility uriUtility,
             ICookieManager cookieManager,
-            IRequestAccessor requestAccessor)
+            IRequestAccessor requestAccessor,
+            IHttpContextAccessor httpContextAccessor)
         {
             if (publishedSnapshotService == null)
             {
@@ -51,10 +51,9 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
             _hostingEnvironment = hostingEnvironment;
             _cookieManager = cookieManager;
             _requestAccessor = requestAccessor;
-
+            _httpContextAccessor = httpContextAccessor;
             ObjectCreated = DateTime.Now;
             UmbracoRequestId = Guid.NewGuid();
-            _backofficeSecurity = backofficeSecurity ?? throw new ArgumentNullException(nameof(backofficeSecurity));
             _umbracoRequestPaths = umbracoRequestPaths;
 
             // beware - we cannot expect a current user here, so detecting preview mode must be a lazy thing
@@ -143,7 +142,7 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
             Uri requestUrl = _requestAccessor.GetRequestUrl();
             if (requestUrl != null
                 && _umbracoRequestPaths.IsBackOfficeRequest(requestUrl.AbsolutePath) == false
-                && _backofficeSecurity.CurrentUser != null)
+                && _httpContextAccessor.HttpContext?.GetCurrentIdentity() != null)
             {
                 var previewToken = _cookieManager.GetCookieValue(Core.Constants.Web.PreviewCookieName); // may be null or empty
                 _previewToken = previewToken.IsNullOrWhiteSpace() ? null : previewToken;
diff --git a/src/Umbraco.Web.Common/UmbracoContext/UmbracoContextFactory.cs b/src/Umbraco.Web.Common/UmbracoContext/UmbracoContextFactory.cs
index 8d199febd0..fb94139144 100644
--- a/src/Umbraco.Web.Common/UmbracoContext/UmbracoContextFactory.cs
+++ b/src/Umbraco.Web.Common/UmbracoContext/UmbracoContextFactory.cs
@@ -1,10 +1,10 @@
 using System;
+using Microsoft.AspNetCore.Http;
 using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.Models.PublishedContent;
 using Umbraco.Cms.Core.PublishedCache;
 using Umbraco.Cms.Core.Routing;
-using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Web;
 
 namespace Umbraco.Cms.Web.Common.UmbracoContext
@@ -23,7 +23,7 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
         private readonly IHostingEnvironment _hostingEnvironment;
         private readonly ICookieManager _cookieManager;
         private readonly IRequestAccessor _requestAccessor;
-        private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
+        private readonly IHttpContextAccessor _httpContextAccessor;
         private readonly UriUtility _uriUtility;
 
         /// <summary>
@@ -39,7 +39,7 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
             UriUtility uriUtility,
             ICookieManager cookieManager,
             IRequestAccessor requestAccessor,
-            IBackOfficeSecurityAccessor backofficeSecurityAccessor)
+            IHttpContextAccessor httpContextAccessor)
         {
             _umbracoContextAccessor = umbracoContextAccessor ?? throw new ArgumentNullException(nameof(umbracoContextAccessor));
             _publishedSnapshotService = publishedSnapshotService ?? throw new ArgumentNullException(nameof(publishedSnapshotService));
@@ -50,7 +50,7 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
             _uriUtility = uriUtility ?? throw new ArgumentNullException(nameof(uriUtility));
             _cookieManager = cookieManager ?? throw new ArgumentNullException(nameof(cookieManager));
             _requestAccessor = requestAccessor ?? throw new ArgumentNullException(nameof(requestAccessor));
-            _backofficeSecurityAccessor = backofficeSecurityAccessor ?? throw new ArgumentNullException(nameof(backofficeSecurityAccessor));
+            _httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
         }
 
         private IUmbracoContext CreateUmbracoContext()
@@ -75,13 +75,13 @@ namespace Umbraco.Cms.Web.Common.UmbracoContext
 
             return new UmbracoContext(
                 _publishedSnapshotService,
-                _backofficeSecurityAccessor.BackOfficeSecurity,
                 _umbracoRequestPaths,
                 _hostingEnvironment,
                 _variationContextAccessor,
                 _uriUtility,
                 _cookieManager,
-                _requestAccessor);
+                _requestAccessor,
+                _httpContextAccessor);
         }
 
         /// <inheritdoc />