OpenID Connect Nonce explained: Where it matters and where it doesn’t. Replay attack revisited (opens in new tab)

The nonce is rarely implemented and often misunderstood. Take a closer look at the OIDC nonce, replay attacks, and whether the nonce…