Are nonce and state automatically verified?

Help
1

Nonce and State:
When I login with “loginWithCredentials” method, the request is created with the nonce and state in the querystring and after a succesfully login, the id token has the same nonce and the callback url has the same state. Is the following method checking if the nonce and state match? or more in general, is auth0-js somwhere verifiing this values?

this.auth0.parseHash((err, authResult) => {
if (authResult && authResult.accessToken) {
window.location.hash = ‘’;
this.auth0.client.userInfo(authResult.accessToken, (err, profile) => {
//if (profile) {
this._setSession(authResult, profile);

2

I fonud the answer here Auth0.js v9 Reference
It depends if I use autorize or checksession. For the first one will be checked by auth0.js, for checksession we have to add the nonce manually.