What is meant by an error/SOAP response message ‘At least one security token in the message could not be validated’?
Two possible causes for this error have been identified;
The error can be encountered if the (case sensitive) USI end points are not correctly formatted.
The security token in the header of the request to USI has been modified and is thus invalid. This can be as simple as the addition of some whitespace in part of the message that is covered by the signature. (How the security information in the header is being populated is checked.)