diff --git a/app/[lang]/(live)/(public)/verifymagiclink/route.ts b/app/[lang]/(live)/(public)/verifymagiclink/route.ts
index 705f8e166..c3ca69f72 100644
--- a/app/[lang]/(live)/(public)/verifymagiclink/route.ts
+++ b/app/[lang]/(live)/(public)/verifymagiclink/route.ts
@@ -6,6 +6,7 @@ import { env } from "@/env/server"
 import { internalServerError } from "@/server/errors/next"
 import { signIn } from "@/auth"
+// import { encode } from "@auth/core/jwt"
 
 export async function GET(
   request: NextRequest,
@@ -13,7 +14,6 @@ export async function GET(
 ) {
   let redirectHeaders: Headers | undefined = undefined
   let redirectTo: string
-  let nonce: string
   let value: string
 
   redirectTo =
@@ -35,7 +35,6 @@ export async function GET(
       "set-cookie",
       "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
     )
-  nonce = "" + request.nextUrl.searchParams.get("nonce")?.toString()
   value = "" + request.nextUrl.searchParams.get("nonce")?.toString()
 
   try {
@@ -53,12 +52,27 @@ export async function GET(
       },
       [
         ["ui_locales", context.params.lang],
-        ["nonce", nonce],
+        ["nonce", value],
         ["acr_values", "cat"],
       ]
     )
 
     if (redirectUrl) {
+      // Check if needed based on discussion with Curity support for custom nonce
+      // const token = { value };
+      // const secret = env.NEXTAUTH_SECRET;
+      // const maxAge = 60 * 15;
+      // const name = "authjs.nonce";
+      // const testingCookie = await encode({ secret, maxAge, token, salt: name });
+      // console.log(testingCookie);
+      // const expires = new Date();
+      // expires.setTime(expires.getTime() + maxAge * 1000);
+      // redirectHeaders.append(
+      // "set-cookie",
+      // "authjs.nonce=" + testingCookie + "; Expires=" + expires + "; Path=/; HttpOnly; SameSite=Lax"
+      // )
+      // redirectUrl = redirectUrl.replace(/nonce=.*&code_challenge=/gi, "nonce="+value+"&code_challenge=");
+
       return NextResponse.redirect(redirectUrl, {
         headers: redirectHeaders,
       })
diff --git a/auth.ts b/auth.ts
index 0dca8c832..1a241582a 100644
--- a/auth.ts
+++ b/auth.ts
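Review bot: `["nonce", value]` in the signIn call forwards a value built as `"" + request.nextUrl.searchParams.get("nonce")?.toString()`, so a request with no `nonce` parameter sends the literal string "undefined" as the OIDC nonce instead of failing; read the parameter once into a local and reject the request before the redirect is built, e.g. `const nonceParam = request.nextUrl.searchParams.get("nonce")` followed by `if (nonceParam === null) { /* return an error response */ }`. The fourteen commented-out lines under `if (redirectUrl)` should be dropped rather than committed: they would `console.log(testingCookie)`, writing the signed nonce token to the server log, and the `redirectUrl.replace(/nonce=.*&code_challenge=/gi, ...)` rewrite splices the caller-supplied `value` into the authorize URL without `encodeURIComponent`, with a greedy `.*` that can also swallow any parameters sitting between `nonce=` and `code_challenge=`. If the Curity discussion concludes the cookie is needed, reintroduce it as live code with the log removed and the value encoded; the unused `// import { encode }` line in the first hunk belongs to the same dead block. GET continues past the end of the last hunk.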
@@ -95,6 +95,7 @@ const curityProvider = {
   authorization: {
     url: `${env.CURITY_ISSUER_USER}/oauth/v2/authorize`,
   },
+  checks: ["pkce", "nonce"],
   token: {
     url: `${env.CURITY_ISSUER_USER}/oauth/v2/token`,
   },
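Review bot: `checks: ["pkce", "nonce"]` turns on Auth.js's own nonce handling, which as far as I recall generates a nonce, stores it in the `authjs.nonce` cookie and sets it on the authorize URL itself, so the caller-supplied `nonce` that verifymagiclink/route.ts passes through signIn is presumably either overridden here or, if it wins, is a value chosen by whoever built the magic-link URL rather than by the server; the commented-out URL rewrite in that route suggests the former was observed. Either way the ID-token nonce must match the cookie for the callback to succeed, so the interaction deserves a comment next to this line, e.g. `// "nonce" makes Auth.js generate and cookie its own nonce; the custom nonce param sent from verifymagiclink must agree with it or the callback check fails`. The curityProvider object continues outside the hunk.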