It's my understanding that the OAuth "state" parameter nonce is generated and st... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		modeless on Aug 13, 2024 \| parent \| context \| favorite \| on: Tell HN: Google OAuth consent screen issue could b... It's my understanding that the OAuth "state" parameter nonce is generated and stored and validated on the client, not the server.

loa_in_ on Aug 13, 2024 [–]

You're right. sorry. There goes me not refreshing my memory about the flow.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact