OIDC Authorize Code Flow lists a nonce value to be passed in step 1) and the nonce value does not return with id_token, However in OIDC Implicit Code Flow step 1) also lists nonce value, and properly returns nonce value in the response. Checking OIDC conformant flow nonce is only mentioned in implicit flows https://auth0.com/docs/api-auth/intro. My question is was the documention victim to a copy paste job and nonce does not in fact work with authorize code flows or am I missing something else entirely.
Works as the document describes. Also conforms to official OIDC guidelines.
Does not return nonce value in id_token as described. However Official implementation guidelines don’t include a nonce option.
The description for nonce in authorization code flow and implicit match. Was this incorrectly copy-pasted?