CSRF tokens vs Nonce confusion - are they the same?

Question

In a attempt to make the current application I\'m developing more secure, I\'ve been reading about CSRF tokens and also Nonce.

My question simply is, Are CSRF tokens

Answer 1

It's sort of the same thing. A "nonce" is just a one-time password itself. It can serve as cryptographic salt, but basically is just a random value. See WP:Nonce

But to sum it up, a nonce is often used as CSRF token. It's an implementation detail. The difference to other use cases is that it later gets asserted.