Exchange a nonce between the SSO server and the target service /sso_login endpoint, to prevent certain kinds of attacks.