Skip to main content
Solved

The antiforgery token could not be decrypted

  • February 17, 2023
  • 3 replies
  • 2793 views
Ann Degroat
Hero (Employee)
Forum|alt.badge.img+13

I have a customer who is getting the below message and their non prod environment is unusable. Would they need to reach out to MS as this is a Microsoft exception?

 

Category: Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery
EventId: 7
SpanId: 0309bd647ee93dbb
TraceId: 4cefed6e1e4819386f968508f75281dc
ParentId: 0000000000000000
RequestId: 8000006e-0001-c000-b63f-84710c7967bb
RequestPath: /FSMCRP/WebClient/
ActionId: 409bced6-9d2e-4714-9d82-c18a59db81bc
ActionName: FSM.WebClient.Server.Controllers.HomeController.Index (FSM.WebClient)

An exception was thrown while deserializing the token.

Exception: 
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted.
 ---> System.Security.Cryptography.CryptographicException: The key {accf16bb-cd1f-4afc-ad53-f12920cef1ca} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
   at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)

Best answer by roklde

@Ann Degroat they need to make sure that the recommendations for load balanced environments are implemented as described in the Installation guide:
 

Especially, the last point is crucial to avoid any issues with user sessions.

Best regards
Roman

View original
Ann DeGroat
Did this topic help you find an answer to your question?

3 replies

roklde
Superhero (Employee)
Forum|alt.badge.img+26
  • roklde
  • Superhero (Employee)
  • 749 replies
  • February 22, 2023

Hi Ann,

can you please provide more details, e.g. environment setup / architecture details, load balancing in-place?

I saw this error once for a customer who had load balancing. Basically, it might be related to the load balancer configuration (persistency?) and eventually incorrect configured FSM endpoints.
 

Best regards
Roman

Ann Degroat
Hero (Employee)
Forum|alt.badge.img+13
  • Ann Degroat
  • Author
  • Hero (Employee)
  • 89 replies
  • February 22, 2023

@roklde they do have load balancing in place, that I know for sure. I have also asked the customer if they could do a comparison of their OS level and .Net version from their CRP environment that is having the issue against an environment that is working properly. 

Ann DeGroat
roklde
Superhero (Employee)
Forum|alt.badge.img+26
  • roklde
  • Superhero (Employee)
  • 749 replies
  • Answer
  • February 24, 2023

@Ann Degroat they need to make sure that the recommendations for load balanced environments are implemented as described in the Installation guide:
 

Especially, the last point is crucial to avoid any issues with user sessions.

Best regards
Roman

Reply


Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings