SMS azure demo (value cannot be null)

May 6 at 3:49 PM
When using the Azure SMS demo (configured with my MSDN account) I have the following error in the Application LOG when I trying to send the SMS. And an error message on the web page
"Error sending toast notification : {0}"

Error sending toast notification :
Value cannot be null.
Parameter name: value
at System.Collections.CollectionBase.OnValidate(Object value)
at System.Collections.CollectionBase.System.Collections.IList.Add(Object value)
at Neos.IdentityServer.Multifactor.SMS.PhoneFactor.SendMessage(String target, String message, String& body)
at Neos.IdentityServer.Multifactor.SMS.PhoneFactor.InternalAuthenticate(PhoneFactorParams pfAuthParams, Boolean asynchronous, String& otp, Int32& call_status, Int32& error_id, Int32 timeout)
at Neos.IdentityServer.Multifactor.SMS.PhoneFactor.Authenticate(PhoneFactorParams pfAuthParams, String& otp, Int32& callStatus, Int32& errorId, Int32 timeout)
at Neos.IdentityServer.Multifactor.SMS.SMSCall.GetUserCodeWithExternalSystem(String upn, String phonenumber, String smstext, ExternalOTPProvider externalsys, CultureInfo culture)
at Neos.IdentityServer.MultiFactor.Utilities.GetPhoneOTP(Registration reg, MFAConfig config)
at Neos.IdentityServer.MultiFactor.AuthenticationProvider.internalSendNotification(AuthenticationContext usercontext, MFAConfig cfg)

May 7 at 10:50 PM

You can also debug (remote) to see what is wrong

May 13 at 7:22 PM
I have follow step by step, but still the same error. I have try on a fresh ADFS install, but the same.
Does the USER account need some requirements (except the described attributes) ?

Is my config file correct ? (except xxxx to anonymise)
<ExternalOTPProvider Company="MyCompany" DefaultCountryCode="US" IsTwoWay="false" Timeout="300" Sha1Salt="slyoursalt" FullQualifiedImplementation="Neos.IdentityServer.Multifactor.SMS.SMSCall, Neos.IdentityServer.Multifactor.SMS.Azure, Version=, Culture=neutral, PublicKeyToken=175aa5ee756d2aa2">
        <![CDATA[LICENSE_KEY = "xxxxxxxxx", GROUP_KEY = "xxxxxxxx", CERT_THUMBPRINT = "‎xxxxxxxxxx"]]>
May 13 at 8:51 PM
HI, crapitouille

Yes, Your config file seems correct (expect that xxxx values are good)
It should be better, if you can debug with Visual Sudio Remote Debugger, and provide a more detailled information of your problem.

I think, that your problem is related to your Azure subscription,
Azure Multi-Factor Authentication is included in Azure Active Directory Premium (P1 and P2 plans) and Enterprise Mobility + Security (E3 and E5 plans), and can be deployed either in the cloud or on premises.
MSDN Subscriptions seems to not have the right to use this Azure feature

for information

Azure MFA


May 13 at 9:00 PM

The Stack dump, indicates an error on adding an item in collection.
It seems that the certificate can't be retreived from the local machine cert store.

Inside the SendMessage method below
body = "";

            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(target);
            request.KeepAlive = false;
            request.ProtocolVersion = HttpVersion.Version10;
            request.Method = "POST";

            // Set certificate
           // X509Certificate2 cert = new X509Certificate2(cert_file_path, CERT_PASSWORD, X509KeyStorageFlags.MachineKeySet);

            X509Certificate2 cert = GetCertificate(CERT_THUMBPRINT, StoreLocation.LocalMachine);

            request.AuthenticationLevel = AuthenticationLevel.MutualAuthRequired;
Can you verify that the ADFS and ADFS Service Account have a full access to the certificate (including private Key)

Marked as answer by redhook on 6/21/2017 at 10:46 AM