3

I configured ADFS on Windows Server 2012, and when I tried to access https://abc-idfs.cloudapp.net/adfs/ls/IdpInitiatedSignOn.aspx I got this error:

Exception details: 
System.ArgumentException: An item with the same key has already been added.
   at System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add)
   at Microsoft.IdentityServer.Web.HomeRealmModule.FindApplicableRealms(ProtocolContext context, Boolean needsIDPInstance)
   at Microsoft.IdentityServer.Web.HomeRealmModule.DiscoverHomeRealm(PassiveProtocolHandler pHandler, ProtocolContext context)
   at Microsoft.IdentityServer.Web.PassiveProtocolListener.GetAuthenticationMethods(PassiveProtocolHandler protocolHandler, ProtocolContext protocolContext)
   at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

I cannot understand where I am going wrong.

Rajat Nigam

2 Answers

0

This happened to me a number of times when setting up new ADFS servers from scratch. In my case I have PowerShell code that sets up the server, but it was always giving me this error after the script ran, so I knew it was something in the configuration and not with ADFS itself.

So in the end the problem in my case was: the Claims provider identifier needs to have https:// instead of http://

To check the value of this setting, open up the AD FS management UI, expand Trust Relationships, select Claims Provider Trusts, select your claims provider, right-click and select Properties, then go to the Identifiers tab and look at the Claims provider identifier - if this value does not have https:// and you are using certs to handle service communications, you will get event ID 364 in your logs with this exact message.

364 can occur for a number of reasons, not just the one I am mentioning here, but this issue is so simple that it could be easily overlooked. Hope this helps someone.

0

I found that an additional Claims Provider Trust with a Federation Metadata Address pointing at the ADFS server itself results in the same error. Disabling this additional Claims Provider Trust prevented the error from occurring.

To check for this situation, open the AD FS management console and navigate to AD FS -> Trust Relationships -> Claims Provider Trusts. Review any Claims Provider Trusts present beyond the default "Active Directory" item to see if its Federation Metadata URL refers to the ADFS server itself. Disable the Claims Provider Trust using the context menu or Actions sidebar and see if the error goes away.
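
Both checks described in the two answers above can be run from PowerShell on the AD FS server instead of clicking through the console. This is an added example, not code from either answer: it is read-only and changes no trust, it assumes the federation service is reached under the host name returned by `Get-AdfsProperties`, and it assumes the admin event log is named `AD FS/Admin`.

```powershell
# Added example: read-only audit of Claims Provider Trusts for the two
# misconfigurations described in the answers. Run on the AD FS server.
Import-Module ADFS -ErrorAction Stop

# Federation service host name (assumption: clients reach /adfs/ls/ under it).
$serviceHost = (Get-AdfsProperties).HostName

$report = foreach ($trust in Get-AdfsClaimsProviderTrust) {
    $issues = @()

    # First answer: the claims provider identifier uses http:// instead of https://.
    if ([string]$trust.Identifier -like 'http://*') {
        $issues += 'Identifier uses http:// instead of https://'
    }

    # Second answer: the federation metadata address points at this server itself.
    $metadataUri = $null
    if ($trust.MetadataUrl -and
        [Uri]::TryCreate([string]$trust.MetadataUrl, [UriKind]::Absolute, [ref]$metadataUri) -and
        $metadataUri.Host -ieq $serviceHost) {
        $issues += 'Federation metadata URL refers to this AD FS service'
    }

    [pscustomobject]@{
        Name        = $trust.Name
        Enabled     = $trust.Enabled
        Identifier  = $trust.Identifier
        MetadataUrl = $trust.MetadataUrl
        Issues      = $issues -join '; '
    }
}

# Show every trust; rows with a non-empty Issues column need review.
$report | Format-Table -AutoSize -Wrap

# Most recent event ID 364 entries, to compare their text with the exception
# in the question (log name 'AD FS/Admin' is an assumption for this server).
Get-WinEvent -FilterHashtable @{ LogName = 'AD FS/Admin'; Id = 364 } `
             -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message |
    Format-List
```

The default "Active Directory" trust has no metadata URL and a non-URL identifier, so it is listed with an empty Issues column.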