1

I have two Web applications, WCF and MVC which share same database. I am using Aspnet Identity 2.0

While registering new user, it creates confirmation token and sends email to the user. Creating token, sending email is mostly done in WCF, verification is done in MVC application.

var code = UserManager.GenerateEmailConfirmationToken(user.Id); string.Format("{0}/Account/ConfirmEmail?userId={1}&code={2}", WebsiteUrl, HttpUtility.UrlEncode(user.Id), HttpUtility.UrlEncode(codeId));

I am using same Data Protection Provider

In WCF

var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("MyTestApplication"); UserManager.UserTokenProvider = new Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider<ApplicationUser>( provider.Create("UserToken")) { TokenLifespan = TimeSpan.FromDays(7) };

In MVC

var dataProtectionProvider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("MyTestApplication"); manager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("UserToken")) { TokenLifespan = TimeSpan.FromDays(7) }; }

Source : Make ASP.NET Identity 2.0 Email confirm token work for WCF and MVC

Now to my Problem

  1. Works fine in localhost and qa. Tested ok on SSL in localhost too.

  2. Fails on Production (uses SSL). Generating token from WCF and validating in MVC fails.

  3. Generating and Validating in same Application works.

How is this invalid token error occuring? Has web.config anything to do with it?

Improve this question

1 Answer 1

Reset to default
2

Found the problem.

It was the application pools in IIS. I was using different application pool for WCF and MVC application. Now i put it in same application pool and is working fine.

Additional Info: For those having same problem and my solution doesn't fix the problem then you might want to try machineKey.

http://gunaatita.com/blog/Invalid-Token-Error-on-Email-Confirmation-in-Aspnet-Identity/1056

PS. I almost always find answer myself after i post it on stackoverflow. Thank you.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks! the HttpUtility.UrlEncode did the trick for me, already had machineKey configured. For others about machineKey, this is also a good answer that helped me for generating: stackoverflow.com/questions/23455579/…

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.