Using ASP.NET Identity with a load balancer

Does ASP.NET Identity stores two-factor authentication and reset password tokens in memory?

Then what's the solution if we have many copies of a project behind a load balancer? It's possible to store those tokens in a database?

Is there any other issue if we want to use a load balancer?

Solution

Tokens are not stored in server memory, but on the client (link, cookie etc.). So a load balancer is supported as long as you keep the machinekey in the web.config the same on all web servers.

Because of the above it's not necessary to store them in a database. There is a possibility to do so. See also this similar question (I see it has a similar answer :-)) How are bearer tokens stored server-side in Web API 2?

.Net Core [Authorize] - Or instead of And for permission test
ASP.NET Core EF Identity Roles while using JWT Bearer Scheme
Is there a way to have the Identity Library cookies be tied to the root domain?
Invalid 2FA Codes (Authenticator App and Email)
List users with roles in a razor page using asp.net 6.0 Identity
EF Core 8 database first with Identity User tables
ASP Net identity two factor authentication last expired token is getting validated successfully
The entity type 'Microsoft.AspNet.Identity.EntityFramework.IdentityUserLogin<string>' requires a key to be defined
Invalid object name 'dbo.AspNetUsers' in Asp.NET MVC 5 Entity Framework
How to get current user in asp.net core
Cookie LoginPath not redirecting to path
ASP.NET MVC Creating User: Multiplicity is not valid
ASP.NET Core MVC pass a url parameter to the POST
"Correlation failed." after upgrading 'Microsoft.IdentityModel.JsonWebTokens' and 'System.IdentityModel.Tokens.Jwt'
Add claims to admin when db is launched first time
Editing custom ASP.NET IdentityUser properties in Blazor
Invalid_client using OpenIdConnect in client application
ASP.Net Core Identity User Edit Page passing back null roles
The AspNetUserRoles table was cleared during migrations
why offline_access scope is needed to request refresh token in IdentityServer (OAuth2)?
Combine auth cookies and bearer token at the same time
Unauthorised webapi call returning login page rather than 401
Cosmos provider for Entity Framework Core creating container with DbContext class name
Is it possible to get user list with paging, sorting IdentityUser Tables .Net Core
How to Create a Generic Repository in C# that Handles Both BaseEntity and IdentityUser<int> Types?
ASP.NET Core Identity does not inject UserManager<ApplicationUser>
URL with parameter only reaching IIS on localhost
Cannot implicitly convert type 'System.Collections.Generic.IEnumerable' to 'System.Web.Mvc.ActionResult'
Difference in hashing algorithms of .Net Identity and .Net Core Identity
User.Identity.Name is null after local login