Next auth error : State cookie was missing

Unanswered

Zepeto posted this in #help-forum

Open in Discord

2024-06-10T09:34:05.294Z

I get this error after authenticating on my identity server
message: 'Nonce cookie was missing.'
Here is my provider config :

{
  id: "duende",
  name: "Duende IS6",
  type: "oauth",
  issuer: process.env.ISSUER,
  clientId: process.env.ID,
  wellKnown: process.env.ISSUER + "/.well-known/openid-configuration",
  authorization: {
    params: {
      scope: process.env.SCOPE,
      response_type: "id_token token",
      response_mode: "form_post",
    },
  },
  idToken: true,
  checks: ["nonce"],
  profile(profile) {
    console.log(profile);
    return {
      id: profile.sub,
      name: profile.name,
      email: profile.email,
      image: profile.picture,
    };
  },
},

Can anyone tell me what I've done wrong ? thanks

10 Replies

@Zepeto I get this error after authenticating on my identity server `message: 'Nonce cookie was missing.'` Here is my provider config : tsx { id: "duende", name: "Duende IS6", type: "oauth", issuer: process.env.ISSUER, clientId: process.env.ID, wellKnown: process.env.ISSUER + "/.well-known/openid-configuration", authorization: { params: { scope: process.env.SCOPE, response_type: "id_token token", response_mode: "form_post", }, }, idToken: true, checks: ["nonce"], profile(profile) { console.log(profile); return { id: profile.sub, name: profile.name, email: profile.email, image: profile.picture, }; }, }, Can anyone tell me what I've done wrong ? thanks

2024-06-10T09:52:43.573Z

that's next-auth?

@B33fb0n3 that's next-auth?

2024-06-10T09:53:42.612Z

Yes

2024-06-10T09:55:04.742Z

it does not look like a valid configuration for auth0 for me 🤔

@B33fb0n3 it does not look like a valid configuration for auth0 for me 🤔

2024-06-10T09:56:18.623Z

https://next-auth.js.org/configuration/providers/oauth#using-a-custom-provider It's a custom OAuth provider

2024-06-10T09:58:08.060Z

ah my bad. You done that: https://nextjs.org/docs/app/building-your-application/configuring/content-security-policy#adding-a-nonce-with-middleware
?

@B33fb0n3 ah my bad. You done that: https://nextjs.org/docs/app/building-your-application/configuring/content-security-policy#adding-a-nonce-with-middleware ?

2024-06-10T10:03:52.369Z

Nop

Only using it for auth

2024-06-10T11:06:38.257Z

do it

@B33fb0n3 do it

2024-06-10T11:34:48.522Z

I've added "state" in the check I know have this error :
'State cookie was missing.'