Hi @shubham.goyal,
The state parameter is a unique, unguessable string string that is base64 encoded. The state is used to prevent CSRF attacks. You can read more about state here: https://auth0.com/docs/protocols/state-parameters
This topic walks through how the state is used in auth0-spa-js package: Redirecting Users with State Parameters