WIF: ID1014: The signature is not valid. The data may have been tampered with

By | April 11, 2017

Been bashing my head against this (WIF: ID1014: The signature is not valid. The data may have been tampered with) problem now for about a week. WIF tracing has been useless in trying to solve this. For my own sanity sake, here are the possible causes that I have found so far that could cause it.

For me the problem surface in a unique configuration where our STS gets configured as a RP-STS & STS. When an desktop system needs to access a resource in our website it sends the STS a token generated from our A-STS and this then signs him into federation. It is this with this specific situation that my problem surfaced.

WTF!, I Found a solution for my problem but I do not know what was causing it to have this issue but in the end I ended up programmatically rebuilding the FederationConfiguration and assigning it to the FederatedAuthentication.SessionAuthenticationModule.FederationConfiguration property each time just before the sign-in. I could not see any difference between the FederationConfiguration from the config file and the one I was building programmatically but it solved my problem.

I hate leaving this issue without understanding what caused it but I have spent too much time on this issue already.

Category: Troubleshooting Tags: , ,

About Wayne Clifford Barker

I am a husband, father, blogger, gardener, fish keeper and cyclist. In my professional capacity I am the solution architect and technical lead for Assima Core Team. Me and my team are responsible for all the infrastructure and cross cutting concerns of the product; security, diagnostic and auditing. We are also responsible for scaling, deployment, hosting, performance testing and load testing. It is difficult to put me in a box and say “This is what I can do as a person” as technology and requirements change every year, my skills change. In the end I help engineer sustainable business solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *