Event ID 708 — Federation Service Malformed Requests

Applies To: Windows Server 2008

Federation Service Malformed Requests logs information about incorrectly configured or missing data values that reside in the trust policy, along with information about client cookie issues and sign-on issues.

Event Details

Product: Windows Operating System
ID: 708
Source: Microsoft-Windows-ADFS
Version: 6.0
Symbolic Name: TtpCookieBadUri
Message: One of the session cookies that stores state for pending sign-in requests contains incorrectly formatted data.
Cookie: %1
Formatting error: %2

This cookie is written by AD FS for AD FS use. This error indicates that the cookie has been tampered with. The authentication has failed, and the client request will be denied.


The cookie that was provided to the Federation Service by the current client browser session has been tampered with and cannot be authenticated. You can correct this problem by having the client close the current browser session, start a new browser session, and try the sign-in request again.


Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed with the appropriate authorization.

Federation Service Malformed Requests

Active Directory Federation Services