Server Error in ‘/RPTestSite’ Application.
WIF10201: No valid key mapping found for securityToken: ‘System.IdentityModel.Tokens.X509SecurityToken’ and issuer: ‘htt…com/IdentityServer’.
This one was caused by Load-balanced Identity Servers. Somehow, my admin got two different certificates with similar names. Normally, if you are not using the exact same cert on both servers, one server will work and the other server will have errors. However, since Identity Server seems to look up the certificates by their names, if the names (of the certificates) are the same, then the identity server will use the two different certificates without an error, but the thumbprints will be different.
In that case, your RP (config) needs to add thumbprints for both servers (they DEFINITELY will be different).
So, for your RP, in the web.config, under
\system.identityModel\identityConfiguration\issuerNameRegistry\authority\ name=(certificate issuer) (and under) .\keys\
make sure there is one “add thumbprint” entry for each server.