OpenIdConnectProtocolValidator.ValidateNonce Method

Definition

Validates that the JwtSecurityToken contains the nonce.

protected virtual void ValidateNonce (Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext);
abstract member ValidateNonce : Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext -> unit
override this.ValidateNonce : Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext -> unit
Protected Overridable Sub ValidateNonce (validationContext As OpenIdConnectProtocolValidationContext)

Parameters

validationContext
OpenIdConnectProtocolValidationContext

A OpenIdConnectProtocolValidationContext that contains the 'nonce' to validate.

Exceptions

Thrown if RequireTimeStampInNonce is true and a timestamp is not: found, well formed, negatire or expired.

Remarks

The timestamp is only validated if RequireTimeStampInNonce is true.

If Nonce is not-null, then a matching 'nonce' must exist in the 'id_token'.

Applies to