You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/entra/entra-id/app-integration/troubleshoot-wif10201-no-validkey-securitytoken-mvc.md
+6-5Lines changed: 6 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,5 @@
1
1
---
2
-
title: ASP.NET MVC application error WIF10201: No valid key mapping found for securityToken
2
+
title: ASP.NET MVC application error WIF10201 No valid key mapping found for securityToken
3
3
description: This article provides guidance for troubleshooting the the error "WIF10201- No valid key mapping found for securityToken".
4
4
author: genlin
5
5
ms.author: bachoang
@@ -8,6 +8,7 @@ ms.topic: troubleshooting-general
8
8
ms.date: 02/05/2025
9
9
ms.custom: sap:Issues Signing In to Applications
10
10
---
11
+
11
12
# WIF10201: No valid key mapping found for securityToken in ASP.NET application
12
13
13
14
This article provides guidance for troubleshooting an authentication issue in an ASP.NET MVC application that uses both [WS-Federation](https://github.com/Azure-Samples/active-directory-dotnet-webapp-wsfederation) OWIN middleware and [Windows Identity Foundation](../../../windows-server/user-profiles-and-logon/windows-identity-foundation.md) (WIF) to authenticate to Microsoft Entra ID.
@@ -18,12 +19,12 @@ The ASP.NET MVC application was working previously. However, the following error
18
19
19
20
```dotnecli
20
21
Error Details:
21
-
Server Error in ‘/’ Application.
22
-
WIF10201: No valid key mapping found for securityToken: ‘System.IdentityModel.Tokens.X509SecurityToken’ and issuer: ‘https://sts.windows.net/<Directory ID>/’.
22
+
Server Error in '/' Application.
23
+
WIF10201: No valid key mapping found for securityToken: ‘System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'https://sts.windows.net/<Directory ID>/'.
23
24
24
25
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
25
26
26
-
Exception Details: System.IdentityModel.Tokens.SecurityTokenValidationException: WIF10201: No valid key mapping found for securityToken: ‘System.IdentityModel.Tokens.X509SecurityToken’ and issuer: ‘https://sts.windows.net/<Directory ID>/’.
27
+
Exception Details: System.IdentityModel.Tokens.SecurityTokenValidationException: WIF10201: No valid key mapping found for securityToken: 'System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'https://sts.windows.net/<Directory ID>/'.
27
28
```
28
29
29
30
## Cause
@@ -52,4 +53,4 @@ The Entra ID uses a [signing key rollover mechanism](/entra/identity-platform/si
52
53
53
54
### Solution
54
55
55
-
You can either update the certificate thumbprints in the web.config file manually or automate the process through code. For more information, see [Best practices for keys metadata caching and validation](/entra/identity-platform/signing-key-rollover#best-practices-for-keys-metadata-caching-and-validation)
56
+
You can either update the certificate thumbprints in the web.config file manually or automate the process through code. For more information, see [Best practices for keys metadata caching and validation](/entra/identity-platform/signing-key-rollover#best-practices-for-keys-metadata-caching-and-validation)
0 commit comments