Application always give an exception: An exception was thrown while deserializing the token. The antiforgery token could not be decrypted

Question

I'm using asp.net core 2.2.1

I was published my code on IIS. Whenever i run my application first time its give an exception like below:

Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery|ERROR|An exception was thrown while deserializing the token. The antiforgery token could not be decrypted.

I have tryed to resolve this issue from last 5 days,refer to many links but no result. I also try following for disabled the AntiForgery but no result.

services.AddDataProtection().DisableAutomaticKeyGeneration();

Is this any way to disabled Antiforgery or any other solution to resolve an issue for same.

Answer 1

Most likely the token has been encrypted previously with a key that is not the one used by your server at the moment he emits this exception. Could you try persisting your key somewhere so that when it restarts it always use the same key, using for instance https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-3.1#persistkeystofilesystem ?

You should also check the logs because one of the first thing you app will log is about the key. For instance, if you don't persist it, you can get some logs like: "Using an in-memory repository. Keys will not be persisted to storage." So please, check that out.