I am trying to implement the authorization_code flow in my MVC application. In app settings I have selected Grant type - Authorization_code and client credentials … Request type - Code. Still, in the request URL the request type is passed as Code&id_token internally … which leads to an [unsupported request type] exception.
I updated Okta.AspNet to 1.8.0 …
Receiving the error below now…
Error : { IDX21323: RequireNonce is ‘True’. OpenIdConnectProtocolValidationContext.Nonce was null, OpenIdConnectProtocol.ValidatedIdToken.Payload.Nonce was not null. The nonce cannot be validated. If you don’t need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to ‘false’. Note if a ‘nonce’ is found it will be evaluated. }
ErrorInfo : { at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidator.ValidateNonce(OpenIdConnectProtocolValidationContext validationContext) at
Nonce is null? Sounds like your app isn’t able to validate the nonce. Are you ensuring that the .NET app is the one triggering the /authorize request? Does it work if you disable nonce validation as mentioned in the error message?
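
Added illustration, not part of the thread and not Okta.AspNet or Microsoft.IdentityModel code: a simplified Python model of the nonce round trip the reply refers to. It shows why a callback the app did not initiate, or a replayed one, arrives with no stored nonce to compare against. The session dict, the `oidc_nonce` key, the function names and the unsigned token are constructed assumptions.

```python
import base64
import hmac
import json
import secrets

NONCE_KEY = "oidc_nonce"  # hypothetical key; real middleware keeps the nonce in a cookie


def begin_authorize(session: dict) -> str:
    """The app starts the login: mint a nonce, remember it, send it on /authorize."""
    nonce = secrets.token_urlsafe(32)
    session[NONCE_KEY] = nonce
    return nonce


def make_id_token(nonce: str) -> str:
    """Constructed, unsigned token standing in for the IdP's response (demo only)."""
    def b64(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return b64({"typ": "JWT"}) + "." + b64({"sub": "user1", "nonce": nonce}) + "."


def nonce_claim(id_token: str):
    """Read the nonce claim; a real app verifies the signature before trusting it."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload)).get("nonce")


def validate_callback(session: dict, id_token: str) -> str:
    """Compare the remembered nonce with the token's claim; the nonce is single-use."""
    expected = session.pop(NONCE_KEY, None)
    received = nonce_claim(id_token)
    if received is None:
        return "token_has_no_nonce"
    if expected is None:
        # The situation in the error above: nothing stored, but the token carries a nonce.
        return "no_stored_nonce"
    if not hmac.compare_digest(expected.encode(), received.encode()):
        return "nonce_mismatch"
    return "ok"


if __name__ == "__main__":
    s = {}
    token = make_id_token(begin_authorize(s))
    print(validate_callback(s, token))   # app-initiated login
    print(validate_callback(s, token))   # same token replayed, nonce already consumed
```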