This month, I have been doing some integration work with ThinkTecture Identity Server v2. I have been getting a few fun errors and I’d like to talk about some of my favorites. Perhaps you will encounter some of these. If so, I hope my solutions will save you some time and stress.
Before I start, let me be clear: the Identity Server product itself is pretty nice. It is stable and reliable. The not-so-nice behavior is the direct result of me and my mistakes as I learn to configure things properly. As I tried to set it up and configure it, I learned from several mistakes (on my part).
- Error occurred during a cryptographic operation
- ID2057: Cannot construct a X509SigningCredentials instance for a certificate without the private key.
Parameter name: token
- Change the authenticationmethod claim to be an absolute uri
- The required anti-forgery cookie “**********” is not present
- I’m logged-in, everything works, but I don’t see the [Administration] link
- ID1044: An encrypted security token was received at the relying party which could not be decrypted. Configure the relying party with a suitable decryption certificate. Current relying party decryption certificate info: …
- ID3206: A SignInResponse message may only redirect within the current web application: ‘/’ is not allowed
- ID4022: The key needed to decrypt the encrypted security token could not be resolved. Ensure that the SecurityTokenResolver is populated with the required key
- WIF10201: No valid key mapping found for securityToken
- Error 500: The grand daddy of them all
Over the next two weeks, I will post my findings about these errors and link-back to each article.