The anti-forgery token could not be decrypted: An Error in MVC.NET

Some errors are cryptic and it takes hours to fix, others tell you explicitly what is wrong but you have no idea what to do. This one is one of those errors. It is explicitly what is wrong. I ran into this when I was working on my Antiforgory stuff for a intranet system I was building. Yes, it was probably overkill to have it in an intranet system but there is no guarantee it will stay that way forever. But what to do about my anti-forgery token could not be decrypted error in my MVC.NET app? Well I tired to figure out why. Its not like I have had this happen on other apps.


I am going to save you a ton of hours and say the reason why I ran into this is that we are using our clients contractor’s server. They are a solid company from everything I can see and they set us up a server. They apparently use server farms which is a bigger scale then little old me is used to dealing. The error was spastic occurring with little rhyme or reason. I found a blog that gave me the reason and solution but not exactly how to implement it for someone who had never done it before.

Solution to MVC.NET The anti-forgery token could not be decrypted error

If you read their blog you get that you need to add a blurb of stuff to your need but not the details. Lets quote their solution, which is correct by the way.



    <machineKey decryptionKey=”Decryption key goes here, IsolateApps”

                validationKey=”Validation key goes here, IsolateApps” />



So what is a person to get said keys? Well there is an easy solution to implement this answer.

Implementation Details

First open up IIS. If you don’t know how just search IIS in the Windows search box. When you open it, you will have the name of the server. Here it is blacked out but under it is the server name. Select that.

IIS main screen

When the server is selected, you will see its name an Home at the top. You will also see all the settings for IIS. You want the Machine Key.

Instance Main screen
Instance main screen with Machine Key selected.

Finally, you get the Machine Key Screen. There are several steps here.

Configured Machine Keys, the solution to the anti-forgery token error MVC.NET

First uncheck the Automatically generate at runtime for both the Validation key and Decryption key.

Next press the Apply link in the upper right.

Finally press the Generate Keys link under the Apply link.

Your keys will be produced. Where the arrows are present. One for Validate and one for Decryption. Keep that open.

Now you have the data you need to actually implement her solution.

In your root Web.config, under the system.web section put you new data.

<machineKey decryptionKey="B19EF36FB7CAF3E6B012689C635B3877E0C(C6BB2E8BB00A" validationKey="FFCD68413C581A85B684EACDEA40E&42E7420AD960C155A8DCB2E5FE02848538FB664E2C1947C1368" />

Now you should have a working system. Hopefully that helps someone and if it does drop a comment down below if this helped you conquer your “anti-forgery token could not be decrypted” error in MVC.NET.

Leave a Reply

Your email address will not be published.