search

IdentityModel / oidc-client-js

OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
Apache License 2.0
2.43k stars 841 forks source link

Error "invalid nonce" in E11 #1252

Closed AlfredssonErik closed 3 years ago

AlfredssonErik commented 4 years ago

IE11 throws the error "Invalid nonce" when trying to authenticate a user with implicit grant flow. From what I understand nonce is not supported in IE11 and therefore ends up as null on the server.

My config for the oidc: { authority: 'url/to/authority', client_id: 'myClientId', redirect_uri: 'redirect/uri', response_type: 'token id_token', scope: 'openid profile basegateway', post_logout_redirect_uri: '/login/post-logout', revokeAccessTokenOnSignout: true, loadUserInfo: false, userStore: new WebStorageStateStore({ store: localStorage }) }

Is there any configuration or something that has to be in place to support IE11?

brockallen commented 4 years ago

Last I tested, IE11 works fine

AlfredssonErik commented 3 years ago

Was an error in the type of authentication flow that was not supported by IE11. Closing.