I am developing a test application for displaying the claims of an authenticated identity in MVC-ASP.net (Visual Studio 2013). I have set up authentication from Active Directory in the following way.
1. Add a new MVC project to the solution.
2. Click on Change Authentication.
3. Select Organizational Account.
4. Select On-Premises.
5. Give the federation URL.
6. Give the App ID URL.
After running the application I am getting the following error.
WIF10201: No valid key mapping found for securityToken: 'System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'http://websso.avanade.com/adfs/services/trust'
This error occurs only for this federation; for other federations I am able to see the claims.
After searching on the internet I think that it is a certificate (thumbprint) issue, but I am not clear about the solutions.
Can anybody explain to me why this error is thrown and what the solution is?
Thanks in advance!
I ran into this while trying to update a legacy MVC application to use AAD.
I based the changes on a newly created project with organizational authentication and noticed I did not have a connection string named DefaultConnection, which the DatabaseIssuerNameRegistry assumes you will, nor did I have either of the required tables in the database.
Using Vittorio Bertocci's great post with all the details, I refactored the code to integrate the new database tables, created and applied a migration, and inserted the appropriate key and tenant in the new IssuingAuthorityKey and Tenant tables, respectively. I also had to make sure to change the DatabaseIssuerNameRegistry to use the existing DbContext.
For solutions created in VS2013 and later, the solution should contain the logic to roll over keys automatically. No need to put the value in the web.config file.
You might run into this issue when migrating your solution from local to another environment. In that case you will probably try to point your solution to a new application in Azure Active Directory. Check the following:
If the values in both tables are still not populated automatically after these steps, check this article for steps on how to manually get the values.
There could be 2 causes for this error.
Missing thumbprint in web.config: Get the actual thumbprint from ADFS and put it in web.config under the thumbprint tag.
Mismatch in port number between the site and ADFS configuration: Update the ADFS configuration with the URL containing the correct port number.
The second solution fixed it for me...
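To check the thumbprint cause mentioned in the answers above, the following added example (not code from any of the posts) compares the signing certificates published in a saved copy of the STS federation metadata with the thumbprint attributes in web.config. The sample XML, the issuer name and the certificate bytes are constructed placeholders, and the function names are hypothetical.

```python
import base64, hashlib, re
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"
# Constructed, simplified sample data: the "certificate" is placeholder bytes, not a real X.509 cert.
SAMPLE_CERT_B64 = base64.b64encode(b"constructed placeholder for DER certificate bytes").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://sts.example.test/adfs/services/trust">
  <RoleDescriptor protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706">
    <KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>
      <X509Certificate>{SAMPLE_CERT_B64}</X509Certificate>
    </X509Data></KeyInfo></KeyDescriptor>
  </RoleDescriptor>
</EntityDescriptor>"""
SAMPLE_WEB_CONFIG = """<configuration><system.identityModel><identityConfiguration>
  <issuerNameRegistry><trustedIssuers>
    <add thumbprint="00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33"
         name="http://sts.example.test/adfs/services/trust" />
  </trustedIssuers></issuerNameRegistry>
</identityConfiguration></system.identityModel></configuration>"""

def normalize(thumbprint):
    """Upper-case hex only: drops spaces and invisible characters pasted from the certificate dialog."""
    return re.sub(r"[^0-9A-F]", "", thumbprint.upper())

def signing_thumbprints(metadata_xml):
    """SHA-1 thumbprints of every signing certificate published in the federation metadata."""
    found = set()
    for kd in ET.fromstring(metadata_xml).iter(MD + "KeyDescriptor"):
        if kd.get("use", "signing") != "signing":  # no "use" attribute means the key serves both purposes
            continue
        for cert in kd.iter(DS + "X509Certificate"):
            der = base64.b64decode("".join(cert.text.split()))
            found.add(hashlib.sha1(der).hexdigest().upper())
    return found

def configured_thumbprints(web_config_xml):
    """Every thumbprint="..." attribute found anywhere in web.config, normalized."""
    return {normalize(el.attrib["thumbprint"])
            for el in ET.fromstring(web_config_xml).iter() if "thumbprint" in el.attrib}

def check(metadata_xml, web_config_xml):
    """Return (missing, stale): published keys absent from config, config entries no longer published."""
    published, trusted = signing_thumbprints(metadata_xml), configured_thumbprints(web_config_xml)
    return published - trusted, trusted - published

if __name__ == "__main__":
    missing, stale = check(SAMPLE_METADATA, SAMPLE_WEB_CONFIG)
    print("missing from web.config:", sorted(missing), "| not published by STS:", sorted(stale))
```

A non-empty first set means the STS signs with a certificate the application does not trust, which is the condition WIF10201 reports.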