As I know, the ‘nonce’ parameter is required to extend the security on my app and minimising the possibility for replay attacks.
I have an app on openshift with multiple pods and I am using the Authorization code flow,
The first request (getting the code) is going through the first pod for example but then when I get to the stage I need to validate the ‘nonce’ it is going through the second pod and then there is a mismatch because the nonce is not synchronized between the pods, any idea what can I do to fix it but also keep using the ‘nonce’ parameter.
Thank you.