Nextjs-auth0 SDK users receive "checks.state argument is missing” error when log in again

Problem Statement

We use the nextjs-auth0 version 1.9.1. Users received an error where they can log in once, then log out, and the next attempt to log in returns “checks.state argument is missing” error. This error does not happen when running the app on localhost. It only happens after deployment.

The second login attempt appears to get no Response Cookies from /api/auth/login, whereas the first login gets a _state cookie.


The api/auth/login endpoint appears to be cached:

This endpoint is what the nextjs-auth0 SDK uses to initiate the login flow. Caching this resource would explain why you don’t see this error on localhost (different caching mechanisms/rules).


Disabling caching for the api/auth endpoints in your cloud service provider allowed for this endpoint to properly re-initiate the login flow each time following the first login.