Disable Identity Heuristic Check


Often times you will see an exception

Anti forgery token is meant for user "" but the current user is "username"

This is because the Anti-Forgery token is also linked to the current logged-in user. This error appears when a user logs in but their token is still linked to being an anonymous user for the site.

There are a few ways to fix this behavior, but if you would rather not have CSRF tokens linked to the logged-in state of a user you may disable this feature.

Put this line in your Global.asax file or similar application startup logic.

AntiForgeryConfig.SuppressIdentityHeuristicChecks = true;