BadRequestError: checks.state argument is missing

Hey there,

Not sure if there is any definitive answer on this but this is also happening to my on my vanilla express deployment, using the Universal Login and the express-openid-connect library.

It really creates such an untenable user experience and a lot of stress knowing this is happening in the wild.

What concrete steps should I take to mitigate this? From the thread so far it seems that the issue could be related to:

  1. Dropped cookies
  2. Misconfigured base URL

I’ve wrote in to support but want to explore as many avenues as possible to fix this.

Best,
Christian.

1 Like

we’re having the same issues and everything is configured correctly as far as we can tell. No clue how to get around it.

@philihp Did you find a solution to the problem , I have also hosted using vercel and works fine only on localhost

I got the “checks.state argument is missing” in my website doployed on vercel and your reply made me realize that i forgot to change the AUTH0_BASE_URL for the vercel domain “subdomain.vercel.app” im using instead of localhost.
Also i forgot to add the “subdomain.vercel.app/api/auth/callback” in Auth0 Allowed Callback URL section.
Now everything is working just fine, thanks.

2 Likes

Wooohooo perfect! Glad to hear that!

So I get the same issue, trying to authenticate using the callback url with the following format
/api/auth/callback?access_token=youraccesstoken&scope=yourscope&subject=yoursubject&refresh_token=yourrefreshtoken&expires_in=yourexpiresin&token_type=Bearer&state=randomstate

Am I missing something? My app is NextJS app