Anti-forgery token issues
Try setting (in global.cs):
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
Do you know what claims you do get in your ClaimsIdentity? If not:
- Remove the
[ValidateAntiForgeryToken]
attribute - Put a breakpoint somewhere in your controller and break at it
- Then look at the current
ClaimsIdentity
and examine the claims - Find one that you think will uniquely identify your user
- Set the
AntiForgeryConfig.UniqueClaimTypeIdentifier
to that claim type - Put back the
[ValidateAntiForgeryToken]
attribute