Set consistent machine keys on all Smart API Manager instances - Intergraph Smart API Manager - 2020 (4.0) - Installation & Upgrade

Intergraph Smart API Manager Installation and Configuration Guide

Language
English
Product
Intergraph Smart API Manager
Search by Category
Installation & Upgrade
Smart API Manager Version
4.0

If multiple instances of Smart API Manager are configured for load-balancing, such as in a web farm, you must also set consistent machine keys on all the Smart API Manager instances to prevent security errors.

What happens if machine keys are inconsistent?

If different instances have different machine keys, errors similar to the following might be generated when Smart API Manager attempts to generate an access token:

Message: AntiForgeryTokenValidator validating token

System.Security.Cryptography.CryptographicException: Error occurred during a cryptographic operation

How to generate a machine key for Smart API Manager

SHARED Tip For more information on generating a machine key for a web application, see the following Microsoft blog post: https://blogs.msdn.microsoft.com/amb/2012/07/31/easiest-way-to-generate-machinekey/.

  1. In IIS Manager, select the Smart API Manager web application and double-click Machine Key.

  2. On the Machine Key page, select the SHA1 validation method and the AES encryption method.

  3. Clear all check boxes in the Validation key and Decryption key sections.

  4. Click Generate Keys, and then click Apply.

  5. A <machineKey> entry is added to the web.config file, located at:

    [Smart API Manager Install Folder]\Dashboard

  6. Copy the <machineKey> entry to the web.config file for each remaining Smart API Manager instance in the web farm.

    Do not generate different machine keys on other Smart API Manager instances within the same web farm.

To determine what needs to happen next in your environment, see Where to Go From Here.