Share via

Getting HttpException, Unable to validate data

Scott 0 Reputation points
2025-09-08T18:20:38.8033333+00:00

I'm setting up brand new SSRS 2022 Reporting Services with custom (Forms) authentication. I followed instruction from here, https://free.blessedness.top/en-us/sql/reporting-services/security/configure-custom-or-forms-authentication-on-the-report-server?view=sql-server-ver16

Initial authentication works in ReportServer site (able to see directory list after successful Forms login), but portal site Reports is causing below error

Exception: System.Web.HttpException (0x80004005): Unable to validate data.
   at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
   at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)

I tried generating new machine key and modified web.config and other config files as suggested from SSRS 2016 article, but when 2022 RS starts, it removes the entry with machine key. How can I resolve above error?

SQL Server Reporting Services
SQL Server Reporting Services
A SQL Server technology that supports the creation, management, and delivery of both traditional, paper-oriented reports and interactive, web-based reports.
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. CHIPPA ANJAN KUMAR 0 Reputation points
    2025-10-14T09:53:04.6633333+00:00

    Hi Scott,

    This error here occurs because the ReportServer and SSRS Portal sites use are using different or temporary encryption keys for Forms Authentication. In SSRS 2022 any <machineKey> entry added inside the site web.config files is removed when the Reporting Services service restarts, this cause the authentication ticket to fail validation between the two sites.

    Configure a persistent, shared machine key at the .NET Framework level so that both the ReportServer and SSRS portal sites will use the same persistent encryption keys and the Forms Authentication login will work without errors.

    Thanks,

    Anjan Kumar Chippa

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.