WIF- ID1014: The signature is not valid. The data may have been tampered with

Question

I\'ve been using WIF to authenticate our new website, the STS is based upon the starter-sts implementation.

To enable this to work correctly on out load balanced environ

Answer 1

The browser cookies are encrypted with "old" mechanism - DPAPI. Therefore, when the server tries to decrypt the cookies, it fails - your code use RSA now, not DPAPI.

As a workaround, clear the browser cache, and the application will start running as expected.