On this line i am getting an exception -

OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);

System.Web.Security.MembershipCreateUserException: The username supplied is invalid.

The data going into this is

• provider - "facebook"
• providerUserId - "1321311387573991"
• model.UserName - "Max Payne"

The initialization works fine using

WebSecurity.InitializeDatabaseConnection("club", "User", "UserID", "UserName", autoCreateTables: true);

I cannot find any examples of why it says the username is invalid? Is there a criteria somewhere that defines what is a correct user name?

I was similarly looking for an explanation to this. I'm not sure I fully understand, but after experimentation, debugging, and watching intellitrace events, it seems CreateOrUpdateAccount is creating or updating an entry in the OAuthMembership table with just Provider, ProviderUserId, and UserId which is determined by querying [in my case] the UserProfile table based on this unique UserName. This way, if you call CreateOrUpdateAccount with a different provider and providerUserId, but the same username, then both provider sign ins are tied to the same user account in your app.

I had to add a UserProfile before I could create/update the corresponding OAuthMembership record. In the VS template, it looked something like this:

db.UserProfiles.Add(new UserProfile { UserName = model.UserName }); 
db.SaveChanges();

OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);

I had the same problem. I solved it by specifying the correct connection string in SimpleMembershipInitializer and UsersContext class. I'm using ASP.NET MVC4

It might be that you are already logged on @ localhost as somebody on another site you are developing. And you use same name authentication cookie (default is .aspxauth). So when you call CreateOrUpdate it tries to add another credential to your already "registered" profile. But fails, because it is not in database.

To resolve the issue you then have to delete the authentication cookie from browser and login again.

According to MSDN (http://msdn.microsoft.com/en-us/library/82xx2e62.aspx) the Membership Class can't support usernames with a comma or null, spaces are OK (as are non ascii characters).

The CreateUser method will return null if password is an empty string or null, username is an empty string or null or contains a comma (,), passwordQuestion is not null and is an empty string, or passwordAnswer is not null and contains an empty string.

For me, this error happened in my Seed override. As rgnever pointed the username not existing is referring to the UserProfile table. To fix it the User and Account have to be created first before creating the OAuth.

So, instead of my Seed override ONLY calling:

membership.CreateOrUpdateOAuthAccount(provider, providerid, providername);

it now calls:

membership.CreateUserAndAccount(providername, null);
membership.CreateOrUpdateOAuthAccount(provider, providerid, providername);

Note: The null password means the user cannot log in via a login form because the supplied password will never be null. I'm only using OAuth so it's not an issue for me.

Username also shouldn't have a space like "Max Payne"