Gunaatita Blogs | Outsource Software Product Development | Outsource Software Development

If you are getting "invalid token" error on confirming email using UserManager.ConfirmEmailAsync, then there might be two reasons:

Reason #1 : The Call back Url is modified by browser.

Solution : Try doing Encode Callback Url before sending in mail.

string code = HttpUtility.UrlEncode(UserManager.GenerateEmailConfirmationToken(userID));

Reason #2 : The Confirmation token (UserManager.GenerateEmailConfirmationToken) is generated on one server and the mail confirmation code is on another server.

Solution : As confirmation token is generated using machine key and security stamp, so the machine key should be consistent on both server. So add same machineKey under system.web in configuration file of both the application as below:

<system.web>
  <machineKey validationKey="883A787F3B793567817EA540DCA4285B1A695C58A38B3493E1E69821148E5E6B5032F61813DF81B9731AB5F8AF7ECA3A75429E38D6513408E86ED4AC77243439" decryptionKey="7F0884CE1698D23538D4FC3670FD122FCF856645518617B7" validation="SHA1" decryption="Auto"/>
</system.web>

Machine validation key and decryption key can be generated using iis.

Invalid Token Error on Email Confirmation in Aspnet Identity

Related

Categories