Uploaded image for project: 'MongoDB Shell'
  1. MongoDB Shell
  2. MONGOSH-1905

Always include a nonce in the oidc request

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 2.3.4
    • Affects Version/s: None
    • Component/s: OIDC DB Auth
    • None
    • Needed
    • Hide

      mongosh adds a new command line flag, --oidcNoNonce. If the flag is not set, then during Authorization Code Flow, mongosh will now start sending a nonce parameter as part of it. Users can use the command line flag to opt out of this behavior, in case their identity provider does not support it.

      Show
      mongosh adds a new command line flag, --oidcNoNonce . If the flag is not set, then during Authorization Code Flow, mongosh will now start sending a nonce parameter as part of it. Users can use the command line flag to opt out of this behavior, in case their identity provider does not support it.
    • Developer Tools

      This is a workaround for HELP-67374, where Cognito will respond with a generated nonce if one is not supplied, thus triggering validation errors.

            Assignee:
            nikola.irinchev@mongodb.com Nikola Irinchev
            Reporter:
            nikola.irinchev@mongodb.com Nikola Irinchev
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: