IDX21323: RequireNonce error

dotnet

#1

Hello,

Login redirects to OKTA for authentication.
Enter credentials and it redirects back to the website.
Blows up with the following error message:
"IDX21323: RequireNonce is ‘[PII is hidden by default. Set the ‘ShowPII’ flag in IdentityModelEventSource.cs to true to reveal it.]’. OpenIdConnectProtocolValidationContext.Nonce was null, OpenIdConnectProtocol.ValidatedIdToken.Payload.Nonce was not null. The nonce cannot be validated. If you don’t need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to ‘false’. Note if a ‘nonce’ is found it will be evaluated. "

Anyone have any ideas on how to make this work?
Or what to check to figure out the problem?
This was built using the quickstart tutorial for .net4x MVC but being used via webforms.

Thanks.


#2

That’s odd, it shouldn’t throw that error message with the default configuration.

Can you post your Startup.cs code?


#3

Hello,
Thanks for the reply but since posting this I have changed a slew of code and no longer have the error.


#4

Glad you got it figured out! :+1:


#5

Hi

@cramer

We have a similar problem when connecting to an ADFS server using OpenID Connect. Any chance you could share what changes you made to your Startup.cs to solve the problem?

BR

/Halvar


#6

Hello,

I honestly don’t remember what was changed that made it work.
But I think it may have been issues with using different cookie authentication options.

CookieAuthenticationOptions and UseExternalSignInCookie values maybe…


#7

Hi

Thanks! Ok, I have to look into this more to get the full understanding but you might have pointed me in the right direction. Thanks!

BR

/Halvar
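
A triage check for the condition the error message in post #1 describes (the ID token carries a nonce, but the relying party has none to compare it with) and the cookie angle raised in post #6. This is an added example, not code from any poster, Okta or Microsoft. It assumes the OWIN/Katana middleware's `OpenIdConnect.nonce.` cookie-name prefix; the function names and the sample request data are constructed.

```python
import base64
import json

# Assumption: cookie-name prefix used by the OWIN/Katana OpenID Connect middleware.
NONCE_COOKIE_PREFIX = "OpenIdConnect.nonce."

def jwt_claims(id_token):
    """Decode (without verifying) the payload segment of a compact JWT."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def cookie_names(cookie_header):
    """Names of the cookies in a raw Cookie request header."""
    pairs = (part.split("=", 1)[0].strip() for part in cookie_header.split(";"))
    return [name for name in pairs if name]

def diagnose(cookie_header, id_token):
    """Classify a captured sign-in callback by where the nonce is present."""
    token_has_nonce = bool(jwt_claims(id_token).get("nonce"))
    nonce_cookies = [n for n in cookie_names(cookie_header)
                     if n.startswith(NONCE_COOKIE_PREFIX)]
    if token_has_nonce and not nonce_cookies:
        # Matches the error text: token nonce not null, context nonce null.
        return "nonce-cookie-missing"
    if nonce_cookies and not token_has_nonce:
        return "token-has-no-nonce"
    if token_has_nonce:
        # Presence only: the cookie value is protected, so it is not compared here.
        return "nonce-on-both-sides"
    return "no-nonce-anywhere"

def sample_token(claims):
    """Constructed, unsigned JWT for the demo; not a real Okta or ADFS token."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return b64({"alg": "none"}) + "." + b64(claims) + "."

if __name__ == "__main__":
    token = sample_token({"sub": "user1", "nonce": "n-constructed-123"})
    # Constructed Cookie headers: first without, then with, a nonce cookie.
    print(diagnose("ASP.NET_SessionId=abc; .AspNet.Cookies=xyz", token))
    print(diagnose("OpenIdConnect.nonce.AbC=ZZZ; ASP.NET_SessionId=abc", token))
```

Feed it the `Cookie` header and `id_token` from a captured callback request (browser dev tools or a proxy trace); a `nonce-cookie-missing` result points at the cookie being dropped or overwritten between the redirect to the identity provider and the return.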