whihathac's Den

code is poetry

Fixing error - ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry.

I was trying to set up my own ADFS Server and my web app talking to it, but stumbled upon this error on my web app.
ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer
A plain simple Bing search led me to this blog post. I am posting the solution for the benefit of all.
The error really means that the issuer certificate details in the <microsoft.identityModel> section of your web.config do not match the certificate the ADFS server used to sign the token. So go back to your ADFS server, grab the thumbprint of that certificate, and update it in the web.config of your app.
    
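    <microsoft.identityModel>
      <service>
        ...
        <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
          <trustedIssuers>
            <!-- thumbprint: taken from the certificate on the ADFS server;
                 name: the issuer name returned for tokens signed with it -->
            <add thumbprint="d9c160d223ae97b26605627d8e6dd39c045e08c3"
                 name="http://b-adfs.fareast.corp.microsoft.com/adfs/services/trust" />
          </trustedIssuers>
        </issuerNameRegistry>
        <!-- None turns off chain validation of the signing certificate, so the
             thumbprint entry above is the only check on the issuer's certificate -->
        <certificateValidation certificateValidationMode="None" />
      </service>
    </microsoft.identityModel>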
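A check for the mismatch described above, as an added example that is not from the original post: this PowerShell function compares each `<trustedIssuers>` thumbprint in a web.config with the ADFS token-signing thumbprint and flags configured values that are not exactly 40 hex digits. The function name, the sample config, the issuer names and all thumbprints in it are constructed for illustration.

```powershell
# Constructed sample web.config fragment; thumbprints and issuer names are placeholders.
$sampleConfig = @'
<configuration>
  <microsoft.identityModel>
    <service>
      <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
        <trustedIssuers>
          <add thumbprint="00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33" name="http://adfs.example.test/adfs/services/trust" />
          <add thumbprint="ffeeddccbbaa99887766554433221100ffeeddcc" name="http://old-adfs.example.test/adfs/services/trust" />
        </trustedIssuers>
      </issuerNameRegistry>
    </service>
  </microsoft.identityModel>
</configuration>
'@

# Hypothetical helper: one result row per <add> entry under <trustedIssuers>.
function Test-TrustedIssuerThumbprint {
    param(
        [Parameter(Mandatory = $true)] [xml]    $WebConfig,
        [Parameter(Mandatory = $true)] [string] $SigningThumbprint
    )
    # Compare on hex digits only, case-insensitively.
    $expected = ($SigningThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    $xpath = '//microsoft.identityModel/service/issuerNameRegistry/trustedIssuers/add'
    foreach ($entry in $WebConfig.SelectNodes($xpath)) {
        $raw = $entry.GetAttribute('thumbprint')
        $normalized = ($raw -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
        [pscustomobject]@{
            Name               = $entry.GetAttribute('name')
            Configured         = $raw
            # True when the attribute is not exactly 40 hex digits
            # (spaces, invisible characters, truncated value).
            HasStrayCharacters = ($raw -notmatch '^[0-9A-Fa-f]{40}$')
            MatchesSigningCert = ($normalized -eq $expected)
        }
    }
}

# On the ADFS server the real value can be read with the AD FS cmdlet:
#   (Get-AdfsCertificate -CertificateType Token-Signing | Where-Object { $_.IsPrimary }).Thumbprint
$signing = '00112233445566778899AABBCCDDEEFF00112233'   # constructed placeholder
Test-TrustedIssuerThumbprint -WebConfig ([xml]$sampleConfig) -SigningThumbprint $signing |
    Format-Table -AutoSize
```

With the constructed input, the first entry matches the signing thumbprint but is flagged for its embedded spaces, and the second entry does not match at all.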
There are more details about other exceptions and how to fix them here.
Thanks,
Bhavik

New posts coming soon

After a deep slumber of over a year, I am planning to write new posts over multiple technologies - WIF, ADFS, C#, Windows Phone 8 based on my earlier experiences. So in case you want me to cover some topics, please let me know via email/comments.

Cheers,
Bhavik