OpenID Provider [oidc] did not return a nonce

Hi! I’m facing this problem with Keycloak 11 using an external OIDC identity provider owned by the customer. After the authentication flow, KC shows the error screen and logs this:

13:15:57,417 ERROR [] (default task-14) Failed to make identity provider oauth callback: OpenID Provider [oidc] did not return a nonce

Analyzing the request exchange, here is what I found:
We send the request to the IDP:

The IDP, after login, returns to returnUrl without the nonce parameter:

Do you think it is a problem on the IDP side? Can this control be disabled on the Keycloak side?

Hi claudiomerlientando,

We are facing the same scenario. Our customer's IDP returns a nonce parameter and we want to reproduce this with our Keycloak IDP, but we cannot find an option to return the nonce parameter.

Kind regards

Hi @Starsek, we solved it by creating a custom image which handles an environment variable “USE_NONCE” which activates or deactivates the check on the nonce parameter.

Hey @claudiomerlientando, thanks for responding. Do you mean a Docker image by “custom image”?

Hi @Starsek, sorry for the late response, yes, a custom image.