The "invalid nonce" error occurs because you're using two different nonce values one from the JSR223 PreProcessor and another from the response header. Amazon Cognito requires the same nonce to be used consistently throughout the authentication flow. To fix this, generate the nonce once using your PreProcessor and use that same value in the authorization request. Avoid using or overwriting it with the response header value.