I've setup my Access Control Service at https://____.accesscontrol.windows.net/v2/mgmt/
I've used the "Identity and Access..." context menu in VS2012 for my web site, and configured everything.
When I publish to Azure and try to run it there, it redirects me to ACS to authenticate, then when it sends me back to my site, I get the error "The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating."
I've looked around, and not found any good solution for that!