wesz6 (wesz6) asked a question.
State value is not present in redirect/callback url
The parameters "state" and "nonce" are unique values generated from your end which can be used to verify the request. After sending this values to Okta, Okta will redirect back to your callback with the location of the values as follows:
- state: present on the callback endpoint, along with the authorization code or ID token in this case
- nonce: present in the ID token requested
According to above statement state should be present on the callback endpoint but in my case it's not. I do see nonce in the ID token requested though.
Please help!
Sincerely,
Medet
Hi @wesz6 (wesz6) , Thank you for reaching out to the Okta Community!
The state should be coming back the same way the tokens/authorization codes are.
Perhaps you can investigate this further by looking at a HAR file.
Here's a guide on how to get it:
https://help.okta.com/oag/en-us/Content/Topics/Access-Gateway/troubleshooting-with-har.htm
Hope it helps!