Getting IDX21323 : RequireNonce is 'PII is hidden'

I’m integrating Auth0 with universal login into a ASP.Net webforms application. I followed the quick start tutorials to get started. When testing, I’m able to get the login to prompt. After entering credentials, the site calls back and then I get the following error.

After research, I’ve found this is likely due to Katana bug 197. The workaround is to implement SystemWebCookieManager. So I did and still get the same error.

This is how I have the authentication options set up :image

I can see the nonce when debugging from the browser, but don’t during the call back. I see a token. Do we need a nonce at that point?


Hello, @william.james.martin! Welcome to the Auth0 Community.

The nonce is a value that helps bind the client session (the session in your application) with the ID token that’s generated during the authentication flow. This helps prevent replay attacks.

You should be able to see the nonce value in your ID token, but not explicitly in the callback URL, like the state.

Hopefully this helps.

Hi Bill, Me too facing the same issue. Did you resolve this issue? If so, please share the fix.

Is there any more information to this problem? I am getting it also, and the response from Auth0 above does not help.

Same problem here. Anyone has a solution or workarround implemented? Thanks.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.