I have been using owin oauth bearer tokens for web.api authentication. I had only a single server. I never needed to custom generate a machine key. Right now, I need to move to a web farm behind a load balancer. I dont want my current users' bearer tokens to become invalid when I move to the farm. How do I export an auto generated machine key, and import to to another server?
The configuration file deployed on each server must have the same machine key. Some reference here.
Basically you have to copy this section to the other servers' config file:
<machineKey validationKey="A970D0E3C36AA17C43C5DB225C778B3392BAED4D7089C6AAF76E3D4243E64FD797BD17611868E85D2E4E1C8B6F1FB684B0C8DBA0C39E20284B7FCA73E0927B20" decryptionKey="88274072DD5AC1FB6CED8281B34CDC6E79DD7223243A527D46C09CF6CA58DB68" validation="SHA1" decryption="AES" />
It's always best to use a script to generate your own machine keys.