The antiforgery token could not be decrypted ERROR

lawrence whittemore asked on January 6, 2023 16:12

An exception was thrown while deserializing the token.
Message: The antiforgery token could not be decrypted.

Exception type: Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException
Stack trace:
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)

I've noticed this error on our intranet site. I have not seen it on the front end myself, but it is all through the event log. I did see this question on it before, https://devnet.kentico.com/questions/error-400-with-kentico-form, but wasn't sure what direction I need to go to solve it. I was looking at this info, https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-6.0, but I am not really sure which method of storing the keys applies to Kentico.

Recent Answers


Not Applicable answered on January 16, 2023 15:56

You can persist the keys to Azure Blob Storage and protect them with a key in the Azure KeyVault. Something like:

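using Azure.Identity;                      // DefaultAzureCredential
using Microsoft.AspNetCore.DataProtection; // Azure Blob Storage / Key Vault extension methods
// Persist the key ring to a blob and wrap it with a Key Vault key
builder.Services.AddDataProtection()
    .PersistKeysToAzureBlobStorage(azureStorageConnectionString, azureStorageContainerName, azureStorageBlobName)
    .ProtectKeysWithAzureKeyVault(new Uri($"{azureKeyVaultEndPoint}/keys/{azureDataProtectionKeyVaultKeyName}"), new DefaultAzureCredential());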
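Why the key storage choice matters, as an added example that is not part of the thread or of Kentico's code: antiforgery tokens are protected with ASP.NET Core Data Protection keys, and a payload protected under one key ring cannot be unprotected by an instance holding a different one. The sketch assumes the Microsoft.AspNetCore.DataProtection.Extensions NuGet package; the purpose string, payload and key directory are constructed for the demonstration.

```csharp
// Added example. Purpose string, payload and directory name are constructed values.
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;

public static class KeyRingDemo
{
    const string Purpose = "Example.AntiforgeryToken";   // constructed purpose string
    const string Payload = "constructed-token-payload";  // stands in for a serialized token

    // Protect with one provider, unprotect with another; report whether it round-trips.
    static bool RoundTrips(IDataProtectionProvider issuer, IDataProtectionProvider validator)
    {
        string token = issuer.CreateProtector(Purpose).Protect(Payload);
        try
        {
            return validator.CreateProtector(Purpose).Unprotect(token) == Payload;
        }
        catch (CryptographicException)
        {
            // Unprotect fails when the validator's key ring lacks the issuing key.
            return false;
        }
    }

    public static void Main()
    {
        // Case 1: each provider has its own in-memory key ring, as happens when
        // keys are not persisted and the app restarts or runs as several instances.
        bool ephemeral = RoundTrips(new EphemeralDataProtectionProvider(),
                                    new EphemeralDataProtectionProvider());

        // Case 2: both providers load one persisted key ring from the same directory.
        var keyDir = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "dp-keys-demo"));
        bool persisted = RoundTrips(DataProtectionProvider.Create(keyDir),
                                    DataProtectionProvider.Create(keyDir));

        Console.WriteLine($"separate in-memory key rings: {(ephemeral ? "ok" : "decrypt failed")}");
        Console.WriteLine($"shared persisted key ring:    {(persisted ? "ok" : "decrypt failed")}");
    }
}
```

The file system directory here plays the role that the blob plays in the answer above: any store works as long as every instance and every restart reads the same key ring.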
