|
|
|
|
|
|
by woodruffw
991 days ago
|
|
|
That’s my read as well, but my experience with OIDC providers (especially machine identity providers) is that they don’t provide any mechanism for configuring the nonce (because they aren’t doing a traditional OAuth2 authentication request). Specifically, GitHub Actions, GCP, and GitLab don’t support this (to my knowledge). |
|
|