Null SecurityStamp leads to ArgumentNullException


Here is a typical implementation of IUserSecurityStampStore:
        public Task<string> GetSecurityStampAsync(TUser user)
            return Task.FromResult(user.SecurityStamp);
If user.SecurityStamp is null there is an exception in the ClaimsIdentityFactory.CreateAsync during sign in. The easy workaround is to ensure that a empty string is returned instead of null.
user.SecurityStamp ?? string.Empty
But it would be nice if the implementer didn't have to worry about this (it took a while to find the root cause).
Closed Mar 17, 2014 at 10:22 PM by raspranav


johnadx wrote Mar 5, 2014 at 11:02 PM

Or should I be seeding the security stamp value somehow? I added the IUserSecurityStampStore to an existing user store that didn't have it initially so users were created without a stamp value.

HaoK wrote Mar 6, 2014 at 5:48 PM

You should seed the security stamp with something random, like a new guid work.

nickspiers wrote Mar 25, 2015 at 11:18 PM

When I had this issue it was because I created the user with the UserStore directly, instead of the UserManager. Because of this the SecurityStamp wasn't added to the user before being inserted in to the database.

siva1254 wrote Jan 8 at 8:04 PM

yes this helps, thanks.