Base solution for your next web application
Open Closed

Impersonation token is invalid or Expired #10658



Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.

  • What is your product version? v8.2.1
  • What is your product type (Angular or MVC)? MVC
  • What is product framework type (.net framework or .net core)? .net core

If issue related with ABP Framework

  • What is ABP Framework version? .NET Core 3.1

If issue is about UI

  • Which theme are you using? Default
  • What are the theme settings? Default

We're having issues impersonating users in our system. It's not a consistant bug as some users can and some cannot, it may even be a browser issue. Just want to see if anyone has encountered it or has resolved it in some way or another.

3 Answer(s)
  • 0
    ismcagdas created
    Support Team


    We had some problems about impersonation but it was for Angular version. When user tries to impersonate, a key is stored in cache (memory cache by default) and when user is redirected to target account, this cache is checked. In your case, the cache item is expired or invalid.

    Do you use memory cache or did you replace it with Redis ? Also, if you can share the logs via email with [email protected], we might find something there.

  • 0

    This solution is not an angurlar version. We're using memory cache, no replacements have been done to this logic at all. It is however, load balanced on two iis servers, could that be causing an issue? I will make sure to email you the logs ASAP.

    Thank you for the quick response!

  • 0
    ismcagdas created
    Support Team


    It is however, load balanced on two iis servers

    Yes, this is definitely the reason. Because when user makes the first request to instance 1, it creates a memory cache item. If the second request goes to instance 2, it will not find the cache item and throw this exception.

    An easy solution would be using redis cache, see