It looks like you've forgotten to URL-encode the code when you created the confirmation URL. For backwards-compatibility, browsers treat a
+
in the query-string as an encoded space.
When you generate the URL, you need to use
the HttpUtility.UrlEncode
method[
^] to encode the parameters.
For example:
string url = string.Format("yoursite/controller/action?userId={0}&code={1}",
HttpUtility.UrlEncode(userId),
HttpUtility.UrlEncode(code));
Or, using the code from
the tutorial on the ASP.NET site[
^]:
var callbackUrl = Url.Action(
"ConfirmEmail", "Account",
new { userId = user.Id, code = code },
protocol: Request.Url.Scheme);