ASP.Net Core 7 Identity Email confirmation code is not persisted to Redis

Question

Token generation:

string code = await _userManager.GenerateEmailConfirmationTokenAsync(appUser);
code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));

Email confirmation:

code = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(code));
IdentityResult identityResult = await _userManager.ConfirmEmailAsync(appUser, code);

Infrastructure:

service.AddDataProtection().PersistKeysToStackExchangeRedis(redis, "SomeString");

    builder.Services.AddIdentity<AppUser, IdentityRole>(o =>
    {
        // configure identity options
        o.SignIn.RequireConfirmedAccount = true;
        o.Password.RequireDigit = false;
        o.Password.RequireLowercase = false;
        o.Password.RequireUppercase = false;
        o.Password.RequireNonAlphanumeric = false;
        o.Password.RequiredLength = 6;
    })
        .AddEntityFrameworkStores<AppDbContext>()
        .AddDefaultTokenProviders();//.AddDefaultUI();

I don't see the email confirmation code persisted to the Redis:

lrange SomeString 0 -1

https://github.com/dotnet/aspnetcore/issues/46875

Answer 1

I followed this official doc, and not facing the issue you mentioned.

Scaffold Identity into an MVC project without existing authorization

My Suggestion, you could check the doc or provided the new sample project without any sensitive information to us.

---

According my experience, here are the steps:

1. Check the time of the operating system running the web application to make sure it is in sync with the network time.

2. In ASP.NET Core Identity, by default, confirmation email tokens are valid for 1 day and reset password tokens are valid for 1 hour. I suspect that the token may have expired.

   You can test it with the code below.

        builder.Services.Configure<DataProtectionTokenProviderOptions>(options =>
        {
            options.TokenLifespan = TimeSpan.FromDays(10);
        });