Implementing a nonce

You can implement a nonce to be used with single sign-on digest authentication.

To use a nonce with the unencrypted token or encrypted token methods of single sign on, the steps in this article will still apply with only a few minor changes.
Note: The nonce is used only for login requests, not for any other type of request. If the system receives a nonce value after login, the nonce is not consumed.

Benefits

The usage of a nonce prohibits a malicious user from performing a replay attack in order to log into your system.