Hi, I use sso to login to wordpress by discourse. I used discourse wordpress plugin
First it’s work smoothly
But when I’m in the same session (not log out), and try to go to link admin /wp-admin/, it does not redirect me to dashboard, and show this error in login form:
Expired Nonce
There is something wrong with session or cookies
This make user confused, because I use sso by google login
I think the problem you are having is caused by object caching on your server. Try adding something like the following code to your WordPress theme’s functions.php file to see if that solves the problem:
add_filter('wpdc_sso_client_query', 'wpdc_custom_sso_client_query' );
function wpdc_custom_sso_client_query() {
return wp_generate_password( 12, false );
}
There are some details about this here: Wordpress SSO Expired nonce - #15 by simon.
It still failed with this code
Discourse is not ok with cloudflare, but I use cloudflare for my web to defend. Is it ok?
It 's ok if I delete cookies and login again, but it is confused
It stop by this link:
/wp-login.php?discourse_sso_error=expired_nonce
The intesting test I found is not every link of your plugin failed
This link is work normally:
/?discourse_sso=7cygqwtc8aaz&redirect_to=https%3A%2F%2Fmyweb.net%2Fmy-account
It means your parameter “7” in sso is ok
I try to redirect my link to this parameter to redirect user
You could check to resolve this by parameters of links
This link is on text “External Login Text” is worked ok
Did you eventually find a solution? I have the same problem.
Try using the solution that is given here: Wordpress SSO Expired nonce - #15 by simon.
Thanks, I applied it but the problem persists.
@Golaxo Are you also using Cloudflare?
If so, please try disabling Cloudflare entirely and check if the problem persists.
Thanks mate, after swearing a lot I found the problem: the Paid Membership Pro plugin made a conflict. I still need to find out how to restrict content on Wordpress for users coming from Discourse SSO but at least I see where the problem is now 
