I have created an oidc client in keycloak for authentication with an application of ours. When only using keycloak it works perfectly. I added a microsoft client under “identity providers” in keycloak, and when using it to authenticate to the realm it works fine, but when I choose it in the login screen for the client when authenticating with the application, and sign in, the application generates a “failure during callback: nonce mismatch” error message.
If I go back to the original URL of the application in my browser, I am able to access it, since, at that stage, I am authenticated in keycloak. But I don’t understand why I get this error message when trying to log into the application with a brokered microsoft client.