If the nonce used for SIWE will be rejected by the relevant backend (authoritative keyserver or identity service, depending on usingCommServicesAccessToken) due to expiration, then we should force the user to generate a new SIWE signature.
Would normally put @varun on the review here, but going to ask @inka instead because he is out.
Depends on D12007