Hi there folks, I’m attempting to use Hydra with a simple Python app (Flask based, if it matters). However, I cannot get auth to work. After my app redirects to hydra, and then I go through the consent UI, hydra throws an error about “session cookie is missing anti-replay token”. I’m assuming this is because there’s no nonce in the request, but I can’t figure out why. Can anyone point me in the right direction?
I noticed that on https://ory.gitbooks.io/hydra/content/tutorial.html, the auth URL that “hydra token user” spits out contains a nonce, which makes me think my app should be generating it. I tried adding random values as the nonce, but hydra throws a different error about those.