The anti-forgery token could not be decrypted
The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the <machineKey> configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster.

This page, produced by us, contains an ID (antiforgerytoken). It is new each time.

It is generated from a key value on the server (machineKey).

If you have a webfarm (more than one frontend), this key value on the server should be the same for all servers.

When ASP.NET gets a postback from a page with an anti-forgery token, it tries to verify it.

The goal is to avoid someone taking an old page and re-posting it multiple times.

If you wait for a long time from page gen to postback, the token may expire.

This page was edited 25 days ago on 11/28/2024. What links here