nonce#Nonce ("number used once") is, typically a randomly generated value (technically does not need to be a number) that's associated with a message in a cryptographic scheme and must be unique within some specified scope (such as a given time interval, or a session).
Nonce typically used to prevent Replay attack.
Using a nonce as a challenge is a different requirement than a random challenge, because a nonce is not necessarily unpredictable.
More Information#There might be more information for this subject on one of the following:
- Authorization Request Parameters
- Best Practices OpenID Connect
- Bitcoin block
- Covert Redirect Vulnerability
- Identity Token
- Identity Token Claims
- Identity Token Validation
- JSON Web Token Claims
- JSON Web Tokens
- Logout Token
- Nounce or Salt
- OAuth 2.0 Protocol Flows
- OAuth Parameters Registry
- One-time password device tokens
- OpenID Connect Flows
- Web Blog_blogentry_150617_1
- [#1] - What is the difference between hash salting and noncing? - based on information obtained 2016-10-28