TrustedMissingIdentityClaimSource Error with Claims Auth in SharePoint 2010

I’ve seen this error happen a few times to myself and others, so I thought I would share the likely culprit. The scenario is this: you set up claims authentication in SharePoint 2010, and you’re pretty sure you’ve configured everything correctly. :-) When you actually try to navigate to the site, though, you may get the standard ASP.NET error page that says something along the lines of a TrustedMissingIdentityClaimSource error (assuming you have custom errors turned off). Most frequently I’ve seen this error when you have configured EmailAddress to be the identity claim, but the person you are trying to log in with does not have an email address in Active Directory (or whatever directory you’re using). It can be confusing, of course, because you see yourself getting redirected to ADFS (for purposes of this conversation, it could be any IP-STS), you see that you’ve been authenticated there, but then SharePoint blows up. It serves as a reminder of the difference between who I am (the identity you log in with) and things about me (attributes like EmailAddress and other claims that can now be used for permissions provisioning).

So, if you get this error, the first thing I would recommend checking is whether the user account you logged in with has a value in the attribute that feeds the identity claim SharePoint is expecting. Remember too that if there’s no value in that attribute, the claim will typically not be sent to SharePoint at all (it does not arrive as an empty string value, for example).
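One way to run that check from the SharePoint Management Shell, as an added example that is not part of the original post: it reads the identity claim type from the trusted identity token issuer, then reports which accounts have no value in the directory attribute behind it. The issuer name, the account names, and the claim-to-attribute table are assumptions; the real mapping lives in the claim rules on your IP-STS.

```powershell
# Added example. Placeholder values below are hypothetical, not taken from the post.
param(
    [string]$IssuerName = "ADFS-Placeholder",   # hypothetical trusted identity token issuer name
    [string[]]$Users    = @("user1", "user2")   # hypothetical sAMAccountNames to test
)

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Import-Module ActiveDirectory

# Assumption: the AD attribute your IP-STS claim rules use to populate each claim type.
$claimToAttribute = @{
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" = "mail"
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"          = "userPrincipalName"
}

# The claim type SharePoint treats as the identity claim for this issuer.
$issuer    = Get-SPTrustedIdentityTokenIssuer -Identity $IssuerName
$claimType = $issuer.IdentityClaimTypeInformation.InputClaimType
Write-Host "Identity claim expected by SharePoint: $claimType"

$attribute = $claimToAttribute[$claimType]
if (-not $attribute) {
    throw "No attribute mapping listed for $claimType; check the claim rules on the IP-STS."
}

foreach ($name in $Users) {
    $status = "OK"
    $value  = $null
    try {
        $user  = Get-ADUser -Identity $name -Properties $attribute -ErrorAction Stop
        $value = $user.$attribute
        # An empty attribute means the IP-STS will typically omit the claim entirely.
        if ([string]::IsNullOrEmpty("$value".Trim())) {
            $status = "MISSING: sign-in will fail at SharePoint"
        }
    } catch {
        $status = "Account not found in the directory"
    }
    New-Object PSObject -Property @{
        User      = $name
        Attribute = $attribute
        Value     = $value
        Status    = $status
    }
}
```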
