RequireNonce is true (default) but validationContext.Nonce is null

c# openid nonce
proteus picture proteus · Sep 8, 2017 · Viewed 14.1k times · Source

I have an app running in azure using Azure active directory. Some of the users have just reported getting this error trying to access the app. I can access it ok, so can many other users, its only certain users that are having the issue, heres the error message

IDX10311: RequireNonce is true (default) but validationContext.Nonce is null. A Nonce cannot be validated. If you dont need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to false

Ive googled it but I cant find a solution, has anyone else experienced this problem ? How Can I fix it ?

Answer

Raja Mouli Ankireddy picture Raja Mouli Ankireddy · Feb 22, 2018

I had the same problem but switching back the Microsoft.Owin.Security.OpenIdConnect to version 3.0.1 solved the issue

OWIN OpenIdConnect Middleware IDX10311 nonce cannot be validated

Related questions

How to add custom claims to access token in IdentityServer4?

I am using IdentityServer4. I want to add other custom claims to access token but I'm unable to do this. I have modified Quickstart5 and added ASP.NET Identity Core and the custom claims via ProfileService as suggested by Coemgen …

Read More
OpenID, how to develop a provider

Currently I'm developing some infrastructure and I've implemented my own RESTful authentication mechanism. Now I've in mind that maybe I shouldn't go this way and use an industry standard so interoperability with my project could be trivial and easier to …

Read More
Custom oAuth server implementation and its advantages

We have multiple web projects(sites), each has its own Authorization logic. Today I have been asked by my CIO to implement oAuth and use that for validating user across all sites. Earlier I have used oAuth for Google, Facebook, …

Read More