Need help while implementing SSO for dev environment

I have set up Discourse on my local machine and wanted to set up SSO login. I can redirect the user when they click on login, but when I get redirected I am continuously getting errors. I also enabled logging, and it says:
Nonce is incorrect, was generated in a different browser session, or has expired
Below is the Python file which I’m using: Discourse-setup/ at main · kamleshjoshi8102/Discourse-setup · GitHub

Also, please note that in my case it’s running on port 4201, so I have redirected to port 4201 on login.

This is the method that’s triggering the error:

  def nonce_valid?
    if SiteSetting.discourse_connect_csrf_protection
      nonce && @secure_session[nonce_key].present?
      nonce &&

It’s checking that the nonce was generated by Discourse for the same session as the one that redirects the user back to Discourse.

You could try setting the discourse_connect_csrf_protection site setting to false. Its default value is true. It’s a hidden site setting, so it can only be disabled from the Rails console.

When enabled, the discourse_connect_csrf_protection setting ensures that the entire SSO authentication process occurs through browser redirects. If you are starting the authentication process by making a background request to session/sso, you will need to disable it. More details here: DiscourseConnect flow no longer functions - #5 by david.

1 Like
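The provider side of a DiscourseConnect login that keeps the whole flow in browser redirects, as an added example (not code from either post or from the linked repository). The secret, the user record and the `make_discourse_request` helper are constructed for illustration; the return URL uses port 4201 from the question.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode

# Constructed value; in practice this is the discourse_connect_secret site setting.
SECRET = b"example-shared-secret"


def sign(payload_b64: str) -> str:
    """Hex HMAC-SHA256 over the base64 payload, as DiscourseConnect signs it."""
    return hmac.new(SECRET, payload_b64.encode(), hashlib.sha256).hexdigest()


def handle_sso_request(sso: str, sig: str, user: dict) -> str:
    """Validate the sso/sig pair from the browser redirect and build the return URL.

    The nonce comes only from this incoming request, so it is the one Discourse
    stored in the same browser session that will be redirected back.
    """
    if not hmac.compare_digest(sign(sso), sig):
        raise ValueError("bad signature on incoming sso payload")
    fields = parse_qs(base64.b64decode(sso).decode())
    nonce = fields["nonce"][0]
    return_url = fields["return_sso_url"][0]

    # Echo the nonce unchanged; a nonce fetched by a separate background
    # request would belong to a different session and fail nonce_valid?.
    reply = urlencode({"nonce": nonce, "email": user["email"],
                       "external_id": user["id"]})
    reply_b64 = base64.b64encode(reply.encode()).decode()
    return return_url + "?" + urlencode({"sso": reply_b64, "sig": sign(reply_b64)})


def make_discourse_request(nonce: str, return_url: str):
    """Constructed stand-in for the redirect Discourse issues from session/sso."""
    raw = urlencode({"nonce": nonce, "return_sso_url": return_url})
    payload = base64.b64encode(raw.encode()).decode()
    return payload, sign(payload)


if __name__ == "__main__":
    sso, sig = make_discourse_request(
        "abc123", "http://localhost:4201/session/sso_login")
    print(handle_sso_request(sso, sig, {"email": "dev@example.com", "id": "42"}))
```

The browser that followed Discourse's redirect to the provider must be the same one sent to the returned URL, otherwise the session lookup in `nonce_valid?` finds nothing.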