The antiforgery token could not be decrypted

Question

I have a customer who is getting the below message and their non prod environment is unusable. Would they need to reach out to MS as this is a Microsoft exception?

Category: Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery
EventId: 7
SpanId: 0309bd647ee93dbb
TraceId: 4cefed6e1e4819386f968508f75281dc
ParentId: 0000000000000000
RequestId: 8000006e-0001-c000-b63f-84710c7967bb
RequestPath: /FSMCRP/WebClient/
ActionId: 409bced6-9d2e-4714-9d82-c18a59db81bc
ActionName: FSM.WebClient.Server.Controllers.HomeController.Index (FSM.WebClient)

An exception was thrown while deserializing the token.

Exception:
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
---> System.Security.Cryptography.CryptographicException: The key {accf16bb-cd1f-4afc-ad53-f12920cef1ca} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte(] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Bytec] protectedData)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)

Page 1 / 1

Hi Ann,

can you please provide more details, e.g. environment setup / architecture details, load balancing in-place?

I saw this error once for a customer who had load balancing. Basically, it might be related to the load balancer configuration (persistency?) and eventually incorrect configured FSM endpoints.

Best regards
Roman

@roklde they do have load balancing in place, that I know for sure. I have also asked the customer if they could do a comparison of their OS level and .Net version from their CRP environment that is having the issue against an environment that is working properly.

@Ann Degroat they need to make sure that the recommendations for load balanced environments are implemented as described in the Installation guide:

Especially, the last point is crucial to avoid any issues with user sessions.

Best regards
Roman

Reply

roklde · Accepted Answer

@Ann Degroatthey need to make sure that the recommendations for load balanced environments are implemented as described in the Installation guide:Especially, the last point is crucial to avoid any issues with user sessions.Best regardsRoman

roklde · Answer

Hi Ann,can you please provide more details, e.g. environment setup / architecture details, load balancing in-place?I saw this error once for a customer who had load balancing. Basically, it might be related to the load balancer configuration (persistency?) and eventually incorrect configured FSM endpoints.Best regardsRoman

Reply

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded