Nonce Check Fails in Firefox and Chrome but not Edge

kepboy · July 9, 2018, 11:25am

I’ve created an ASP.NET Core web app using MVC and cookie authentication. When I use Chrome or Firefox and I login in I get the error

OpenIdConnectProtocolInvalidNonceException: IDX10320: RequireNonce is ‘True’ but OpenIdConnectProtocolValidationContext.Nonce is null. A nonce cannot be validated. If you don’t need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to ‘false’.

However, if I use Edge it logs in fine. Any idea why different browsers would produce different results?

I can provide a fiddler trace, not sure if I’d be giving away sensitive information in it.

kepboy · July 9, 2018, 11:46am

I worked it out. I was setting cookie policy to require consent for non-essential cookies. Because I didn’t have the consent script in my app chrome refused to set the nonce cookie. Edge obviously doesn’t care

I have to say I would image that the nonce is actually a pretty essential cookie, is there any way to signify that fact?

system · August 19, 2019, 7:26am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
IDX21323: RequireNonce is 'System.Boolean'. OpenId Connect Protocol Validation Context Nonce was null Help	1	4368	December 8, 2020
.NET IDX21323 Error Knowledge Articles	1	784	January 11, 2024
Open Web Interface for .NET Cannot Login, "IDX21323: RequireNonce is '[PII is hidden]'" or "RequireNonce is 'True'" Knowledge Articles .net , owin , cookie , nonce	1	2991	October 27, 2023
Nonce mismatch in OpenID Connect Enterprise Connections Help oidc	4	6369	December 7, 2019
Getting IDX21323 : RequireNonce is 'PII is hidden' Help auth0 , login	5	7281	December 1, 2020

Nonce Check Fails in Firefox and Chrome but not Edge

Related Topics