Nonce.
A "number used once" — a value generated by one party and echoed back by another to bind a response to its specific request and defeat replay attacks.
A nonce defeats replay. The attacker captures a legitimate signed response (an ID Token, a SAML assertion, an authentication challenge response) and replays it later; the verifier rejects it because the nonce binds the response to a specific earlier request that no longer exists in the verifier's session state.
The common implementation bug is generating the nonce but never verifying it when the response comes back. The signature checks out, the token validates, and the developer ships — and the system silently accepts replayed tokens. Use a library that enforces nonce verification by default; if the library does not, write the check yourself and gate authentication on it: compare the returned nonce against the one stored for this session, then discard the stored value so it can never match again.
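The check described above, as an added example that is not part of the original entry: a relying party mints a nonce at login, stores it in the session, and on return accepts the token only if the signature is valid and the nonce matches the pending one, which is consumed on first use. The token format, the `ISSUER_KEY` HMAC signer and the `start_login`/`accept_token` names are constructed for the demo; a real OIDC client verifies the provider's JWS signature with its published key.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

# Constructed demo key: stands in for the provider's signing key.
ISSUER_KEY = b"demo-issuer-key-not-a-real-secret"

def _sign(payload: dict) -> str:
    """Constructed stand-in for an ID Token: base64(JSON) '.' HMAC tag."""
    body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).decode()
    tag = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{tag}"

def _verify_signature(token: str) -> Optional[dict]:
    """Return the claims if the tag is valid, else None."""
    body, _, tag = token.partition(".")
    expected = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    return json.loads(base64.urlsafe_b64decode(body))

def start_login(session: dict) -> str:
    """Relying party: mint a fresh nonce and remember it in this session."""
    nonce = secrets.token_urlsafe(32)
    session["oidc_nonce"] = nonce
    return nonce  # goes into the authentication request to the provider

def accept_token_buggy(session: dict, token: str) -> bool:
    """The bug the entry describes: signature checked, nonce never compared."""
    return _verify_signature(token) is not None

def accept_token(session: dict, token: str) -> bool:
    """Correct check: valid signature AND nonce equals the pending one; single use."""
    claims = _verify_signature(token)
    if claims is None:
        return False
    pending = session.pop("oidc_nonce", None)  # consume before comparing: fail closed
    if pending is None:
        return False
    return hmac.compare_digest(pending, str(claims.get("nonce", "")))

def demo() -> Tuple[bool, bool, bool]:
    """Fresh response accepted, replay of the same token rejected, buggy check fooled."""
    session: dict = {}
    token = _sign({"sub": "alice", "nonce": start_login(session)})  # constructed response
    first = accept_token(session, token)
    replay = accept_token(session, token)
    buggy = accept_token_buggy({}, token)
    return first, replay, buggy
```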
Common questions
What is a nonce in security?
Why is nonce verification important in OIDC?
What happens if a nonce is reused?
In the guides
OpenID Connect (OIDC) Explained: The Modern Identity Layer on OAuth 2.0
OIDC adds authentication and identity claims to OAuth 2.0. How discovery, ID tokens, and the standard scopes work, plus the pitfalls that bite implementers in production.
SAML 2.0 Explained: The Enterprise SSO Standard, 20 Years In
SAML 2.0 still dominates enterprise SSO install base in 2026. How the protocol actually works, the bindings, profiles, the metadata exchange, and the security pitfalls that keep biting implementers.