Microsoft login issue in asp.net mvc 5 custom application

Bhavika Nimbark 26 Reputation points
2021-07-01T15:13:34.883+00:00

I have developed a custom ASP.NET MVC 5 application.
Basically I want to implement Microsoft login functionality, SSO (Single Sign-On), in it, and I have developed custom Microsoft login code in the application. When I deployed it on the Azure AD app and tested it, login is not working. It redirects again and again to the login page and throws the error below:

IDX21323: RequireNonce is 'System.Boolean'. OpenIdConnectProtocolValidationContext.Nonce was null, OpenIdConnectProtocol.ValidatedIdToken.Payload.Nonce was not null. The nonce cannot be validated. If you don't need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to 'false'. Note if a 'nonce' is found it will be evaluated.

I have downloaded the sample project from the Azure AD App Quickstart option and tested it.
But when I updated it as per my requirements, deployed it on the Azure AD app and then tested it, it behaves the same and throws the same error.

So how can I achieve Microsoft login in my custom application, or how can I resolve this issue?


2 answers

  1. Yijing Sun-MSFT 7,086 Reputation points
    2021-07-02T03:15:14.633+00:00

    Hi @Bhavika Nimbark,
    This exception is usually thrown when the OpenIdConnect middleware encounters an invalid nonce or a missing nonce cookie.
    Sometimes, it could be just that SSL is not enabled in Visual Studio or in the Windows VM. Enabling SSL to enforce https should resolve the problem.

    Best regards,
    Yijing Sun




  2. Bruce Barker 801 Reputation points
    2021-10-13T14:58:30.83+00:00

    A common cause of this error is not properly configuring for a web farm. The servers in the farm must share the same encryption keys, otherwise they cannot read each other's cookies.

    While ASP.NET Core data protection services use a shared file by default when hosted in Azure, I'm not sure of the status of the OWIN data protection services. You probably have to configure it.

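
The two causes named in the answers above (a callback that does not arrive over https, and farm servers that do not share keys) both leave the server with no stored nonce to compare against the one in the ID token, which is the state IDX21323 reports. The following is an added example, not code from this thread or from the OWIN middleware: a simplified Python model in which the cookie name, the HMAC-based `protect`/`unprotect` helpers, and the assumption that the nonce cookie is marked Secure are all illustrative.

```python
import hashlib
import hmac
import secrets

COOKIE = "nonce_cookie"  # hypothetical cookie name used only in this model

def protect(key: bytes, value: str) -> str:
    """Stand-in for the server's cookie protection: value plus an HMAC tag."""
    tag = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}.{tag}"

def unprotect(key: bytes, blob: str):
    """Return the value if the tag verifies under this server's key, else None."""
    value, _, tag = blob.rpartition(".")
    good = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()
    return value if hmac.compare_digest(tag, good) else None

def sign_in(issuing_key: bytes, callback_key: bytes, callback_scheme: str) -> str:
    """Run one sign-in round trip and return 'ok' or the reason it failed."""
    # 1. Challenge: the app generates a nonce, sends it to the identity
    #    provider and remembers it in a protected cookie (assumed Secure).
    nonce = secrets.token_urlsafe(16)
    jar = {COOKIE: {"value": protect(issuing_key, nonce), "secure": True}}
    # 2. The identity provider copies the nonce into the ID token.
    id_token_nonce = nonce
    # 3. Callback: a browser returns Secure cookies over https only.
    sent = {name: c["value"] for name, c in jar.items()
            if callback_scheme == "https" or not c["secure"]}
    # 4. The server handling the callback recovers the expected nonce.
    blob = sent.get(COOKIE)
    expected = unprotect(callback_key, blob) if blob else None
    if expected is None:
        # Same state as IDX21323: the token has a nonce, the server has none.
        return "cookie not sent" if blob is None else "cookie unreadable"
    return "ok" if hmac.compare_digest(expected, id_token_nonce) else "nonce mismatch"

def demo() -> dict:
    """Constructed scenarios: one healthy sign-in and the two failure causes."""
    key_a, key_b = secrets.token_bytes(32), secrets.token_bytes(32)
    return {
        "https callback, shared key": sign_in(key_a, key_a, "https"),
        "http callback, shared key": sign_in(key_a, key_a, "http"),
        "https callback, separate keys": sign_in(key_a, key_b, "https"),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

In both failing cases the server would start a new challenge, which matches the repeated redirect to the login page described in the question.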