We have enabled JWT SSO in our account for our users to log in the developers portal and implemented our side of it. Users are successfully sent to our Website to authenticate, but the problem is that every time we redirect back to Freshdesk with the token and the state in the URL we always get an authorization error saying the state or nonce was not passed but it has.
After successful login we redirect users to: https://ourcompany.freshworks.com/sp/OIDC/XXX/implicit?state=XXX&id_token=XXX where the URL is the one provided in the redirect URL at the freshworks security settings, state is the state passed to our app through the query URL form freshworks and id_token is the JWT generated according to the docs. We’ve verified the state matches the one received, and we have validated the token with the signature set in the security setting and we’ve verified it includes the nonce received, so at this point we have no clue of what we might be doing wrong.
Any help would be highly appreciated.