
User16461412387634530054 (Customer) asked a question.
Hi Okta Team,
We have successfully been using Okta authentication with our application (asp.net core 7.0 MVC) for a number of years. However, recently we have deployed it to a new server with a load balancer.
We of course updated the "Sign-in redirect URIs" and the "Sign-out redirect URIs" in the Okta console.
We have also upgraded to: asp.net core 7.0 MVC
On the test server everything is fine, however on our production server we are getting a lot of errors of the type:
Category: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware
EventId: 1
SpanId: f424d0551a00af6f
TraceId: 4039b49cb7de2b30c649cad4b7f1918c
ParentId: 0000000000000000
RequestId: 40002bdc-0001-8700-b63f-84710c7967bb
RequestPath: /myapp/admin/authorization-code/callback
An unhandled exception has occurred while executing the request.
Exception:
System.Exception: An error was encountered while handling the remote login.
---> System.Exception: Unable to unprotect the message.State.
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.<Invoke>g__Awaited|8_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task)
Basically, "Unable to unprotect the message.State." appears a lot, as well as our app's error page. The strange thing is that we can still keep using the app, but every 2nd or 3rd request we might get that error.
We are using the Okta.AspNetCore package with the following settings:
    // Cookie scheme holds the local session; OpenID Connect (Okta) handles the challenge.
    builder.Services.AddAuthentication(options =>
        {
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        })
        .AddCookie(options => { options.ExpireTimeSpan = TimeSpan.FromMinutes(30); })
        .AddOktaMvc(new OktaMvcOptions
        {
            // Okta settings are read from configuration.
            OktaDomain = builder.Configuration.GetValue<string>("Okta:OktaDomain"),
            AuthorizationServerId = builder.Configuration.GetValue<string>("Okta:AuthorizationServerId"),
            ClientId = builder.Configuration.GetValue<string>("Okta:ClientId"),
            ClientSecret = builder.Configuration.GetValue<string>("Okta:ClientSecret"),
            Scope = new List<string> { "openid", "profile", "email" }
        });

    // Application services.
    builder.Services.AddSingleton<AuthTokenConfig>();
    builder.Services.AddSingleton<MyAppWebApiUrlBuilder>();
    builder.Services.AddSingleton<ITokenService, JwtAccessTokenManager>();
    builder.Services.AddTransient<IArchiveService, ArchiveService>();
    builder.Services.AddTransient<IMyAppService, MyAppService>();
We suspect it may have something to do perhaps with the load balancer on the production server?
Thank you for your time,
Regards,
Andrew

Do you add the state parameter? Like in this document: https://devforum.okta.com/t/how-to-find-state/15664/2
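
An added example, not code from the thread or from Okta: ASP.NET Core's OpenID Connect handler encrypts the `state` value with the node's Data Protection key ring, so a callback that the load balancer routes to a node with a different key ring fails with "Unable to unprotect the message.State." The sketch below assumes that is the cause here and shares one key ring across nodes; the configuration keys `DataProtection:KeyRingPath` and `DataProtection:CertThumbprint` and the application name `myapp` are hypothetical.

```csharp
// Program.cs (added example; configuration key names are assumptions)
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.DataProtection.KeyManagement;

var builder = WebApplication.CreateBuilder(args);

// A directory every node behind the load balancer can read and write,
// for example a UNC share. Fail fast if it is missing so a node never
// silently falls back to a private, per-machine key ring.
var keyRingPath = builder.Configuration.GetValue<string>("DataProtection:KeyRingPath")
    ?? throw new InvalidOperationException("DataProtection:KeyRingPath is not set.");
var certThumbprint = builder.Configuration.GetValue<string>("DataProtection:CertThumbprint");

var dataProtection = builder.Services.AddDataProtection()
    // Must be identical on every node; by default it is derived from the
    // content root path, which can differ between servers.
    .SetApplicationName("myapp")
    .PersistKeysToFileSystem(new DirectoryInfo(keyRingPath));

// Keys on a shared directory are stored unencrypted unless protected.
// The certificate (with its private key) must be installed on every node.
if (!string.IsNullOrEmpty(certThumbprint))
{
    dataProtection.ProtectKeysWithCertificate(certThumbprint);
}

// The existing AddAuthentication().AddCookie().AddOktaMvc(...) registration
// from the question goes here unchanged.

var app = builder.Build();

// Log the key ids this node can see. Every node should report the same set;
// an empty list is normal on a brand-new key ring until the first request.
var keyIds = app.Services.GetRequiredService<IKeyManager>()
    .GetAllKeys()
    .Where(key => !key.IsRevoked)
    .Select(key => key.KeyId)
    .OrderBy(id => id);
app.Logger.LogInformation("Node {Node} data protection keys: {KeyIds}",
    Environment.MachineName, string.Join(", ", keyIds));

app.Run();
```

If the key ids logged at startup differ between nodes, the nodes are not reading the same key ring and the authentication cookie will fail to decrypt across nodes in the same way as `state`.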