diff --git a/app/models/api/openid_connect/authorization.rb b/app/models/api/openid_connect/authorization.rb
index 639bf320a8933b42fb84875186caa2223e832c13..fce5220fe4db68c484e62c069f6b121601f248bc 100644
--- a/app/models/api/openid_connect/authorization.rb
+++ b/app/models/api/openid_connect/authorization.rb
@@ -38,7 +38,7 @@ module Api
         # TODO: Add support for request object
       end
 
-      def create_id_token(nonce=nil)
+      def create_id_token
         id_tokens.create!(nonce: nonce)
       end
 
diff --git a/db/migrate/20150708153926_create_authorizations.rb b/db/migrate/20150708153926_create_authorizations.rb
index c99fa0e85b4fdb2c4d8dd5808ae730b9fdf17dbc..af659bcf0cf7163cf32ba138f6203a56b184f67d 100644
--- a/db/migrate/20150708153926_create_authorizations.rb
+++ b/db/migrate/20150708153926_create_authorizations.rb
@@ -6,6 +6,7 @@ class CreateAuthorizations < ActiveRecord::Migration
       t.string :refresh_token
       t.string :code
       t.string :redirect_uri
+      t.string :nonce
 
       t.timestamps null: false
     end
diff --git a/db/schema.rb b/db/schema.rb
index 09519a9e42f88f65cf22e4b0d98684cafab55a5b..fa60983f84faf860062527bd63b7c2c273712802 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -69,6 +69,7 @@ ActiveRecord::Schema.define(version: 20150801074555) do
     t.string   "refresh_token",         limit: 255
     t.string   "code",                  limit: 255
     t.string   "redirect_uri",          limit: 255
+    t.string   "nonce",                 limit: 255
     t.datetime "created_at",                        null: false
     t.datetime "updated_at",                        null: false
   end
diff --git a/lib/api/openid_connect/authorization_point/endpoint_confirmation_point.rb b/lib/api/openid_connect/authorization_point/endpoint_confirmation_point.rb
index e15053e0eae912eaf02146759e8dce066636e638..62fa207a5dc57c1956bed81b3a5cb175f4f05cf7 100644
--- a/lib/api/openid_connect/authorization_point/endpoint_confirmation_point.rb
+++ b/lib/api/openid_connect/authorization_point/endpoint_confirmation_point.rb
@@ -23,6 +23,7 @@ module Api
         def approved!(req, res)
           auth = OpenidConnect::Authorization.find_or_create_by(
             o_auth_application: @o_auth_application, user: @user, redirect_uri: @redirect_uri)
+          auth.nonce = req.nonce
           auth.scopes << @scopes
           handle_approved_response_type(auth, req, res)
           res.approve!
@@ -32,7 +33,7 @@ module Api
           response_types = Array(req.response_type)
           handle_approved_auth_code(auth, res, response_types)
           handle_approved_access_token(auth, res, response_types)
-          handle_approved_id_token(auth, req, res, response_types)
+          handle_approved_id_token(auth, res, response_types)
         end
 
         def handle_approved_auth_code(auth, res, response_types)
@@ -45,9 +46,9 @@ module Api
           res.access_token = auth.create_access_token
         end
 
-        def handle_approved_id_token(auth, req, res, response_types)
+        def handle_approved_id_token(auth, res, response_types)
           return unless response_types.include?(:id_token)
-          id_token = auth.create_id_token(req.nonce)
+          id_token = auth.create_id_token
           auth_code_value = res.respond_to?(:code) ? res.code : nil
           access_token_value = res.respond_to?(:access_token) ? res.access_token : nil
           res.id_token = id_token.to_jwt(code: auth_code_value, access_token: access_token_value)