I’m using the Authorization Code Flow with the Okta Sign in Widget.
code back from a successful login, then hitting the
/token endpoint to swap that
code for an
id_token that contains user profile claims that I need for my app.
I’m trying to validate my JWT id_token, but it’s erroring with
Nonce does not match what is expected. Make sure to provide the nonce with setNonce()
from the JwtVerifierBuilder.
setNonce(null), but it still yells at me.
What can I do? How can I get the nonce value from the authorization code flow, in order to validate an id_token?