-1

I have developed a web application in Asp.Net MVC using c# language with code first approach, the application is deployed in actual web server and functioning pretty much well except this error that shows up few times.

The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the <machineKey> configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster

The reason that i called this error strange is that it is unexpected, It means that it occurs sometimes but not always.

For example, when i try to log in to a single account of my application (For eg to Account of John) from two different computers then I may or may not get this error.

Now this unexpected nature of this error can't allow me to figure out where the actual problem is?

Kindly provide your suggestions or comments that could help me figure out this issue.

Thanks in advance.

John Kamaal
  • 129
  • 8

1 Answers1

2

Have you defined MachineKey in your web.config file? If NO you can follow the article below to see how you could easily create it with IIS Manager

Setting Up the Machine Key Using IIS Manager

<configuration>
  <system.web>
    <machineKey decryptionKey="Decryption key goes here,IsolateApps" 
                validationKey="Validation key goes here,IsolateApps" />
  </system.web>
</configuration>

One big important note:

If you add anti-forgery token twice or more in your view, it could cause this problem. Check your views, shared, partials and see if you only add anti-forgery token once!

Ali Bahrami
  • 5,935
  • 3
  • 34
  • 53