diff --git a/pretix_oidc/auth.py b/pretix_oidc/auth.py
index 245751c17b4708431997920a3f297555999ec2aa..2936fc7532ea21a89ea91fc11c2a1a5f8ea3d432 100644
--- a/pretix_oidc/auth.py
+++ b/pretix_oidc/auth.py
@@ -59,10 +59,8 @@ class OIDCAuthBackend(BaseAuthBackend):
 
     def authentication_url(self, request):
         oidc_state = rndstr()
-        oidc_nonce = rndstr()
         request.session["oidc_state"] = {
             oidc_state: {
-                "nonce": oidc_nonce,
                 "next": request.GET.get("next", None),
                 "generated_on": int(time.time()),
             }
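Review bot: The `generated_on` timestamp stored here is now the only freshness bound on the login state, and the comparison that consumes it in the third hunk, `generated_on < time.time() + 5 * 60`, is true for every timestamp taken in the past. As written, that branch returns `[None, None]` for every callback instead of only for stale ones. The intended check is presumably `if oidc_state[response_state]["generated_on"] + 5 * 60 < time.time():`. The method containing that comparison starts outside the hunk, so whether the used state entry is removed from the session afterwards cannot be confirmed from here.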
@@ -73,7 +71,6 @@ class OIDCAuthBackend(BaseAuthBackend):
                 "client_id": self.client.client_id,
                 "response_type": "code",
                 "scope": self.scopes,
-                "nonce": oidc_nonce,
                 "redirect_uri": self.redirect_uri(request),
                 "state": oidc_state,
             }
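Review bot: Dropping `"nonce"` from the authorization request here, along with its generation in the first hunk and its comparison in the third, leaves `state` as the only value tying the callback to this browser session, and nothing binds the ID token to the request any more. The removed check read `auth_response["nonce"]`, but in the code flow the nonce is returned as a claim inside the ID token, not in the authorization response, which is probably why that check never worked. The nonce is optional for `response_type=code`, but it is the standard defence against ID-token replay and code injection. Consider keeping `oidc_nonce = rndstr()` and `"nonce": oidc_nonce`, and comparing the stored value with the validated token's claim, e.g. `if id_token_claims.get("nonce") != oidc_state[response_state]["nonce"]: return [None, None]`. The token handling is outside the visible hunks, so `id_token_claims` is a placeholder name.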
@@ -104,9 +101,6 @@ class OIDCAuthBackend(BaseAuthBackend):
         if response_state not in oidc_state:
             return [None, None]
 
-        if auth_response["nonce"] != oidc_state[response_state]["nonce"]:
-            return [None, None]
-
         if oidc_state[response_state]["generated_on"] < time.time() + 5 * 60:
             return [None, None]