Problem with following Auth0 tutorial. Basic Auth0 usage with .NET

I have been following this tutorial to integrate basic user login/password authentication for our simple ASP.NET web application:

I was able to get the login page to come up, and I was able to create an account. Then I received an email and confirmed my account, but when I was redirected from there my app crashed. I was able to rerun the app and login, but again the site crashed when I was redirected. I have since been tinkering with some values to make the redirection work, and in so doing I have lost the previous functionality I had. I can no longer access a login page.

The error I now receive when clicking on the login button is

"An unhandled exception occurred while processing the request.
Exception: OpenIdConnectAuthenticationHandler: message.State is null or empty.
Unknown location

Exception: An error was encountered while handling the remote login.

I am brand new to Auth0 and to ASP.NET, so I think this is probably a very simple problem: I just don’t know enough to solve it. Please let me know if I can post any code snippets that might make this problem easy to solve.


Here is one relevant portion of code:

.AddOpenIdConnect(“Auth0”, options => {
// Set the authority to your Auth0 domain
options.Authority = $“”;

            // Configure the Auth0 Client ID and Client Secret
            options.ClientId = "GPIZ29lJhB5wk45Ixsay4SUeUmOxjE7P";
            options.ClientSecret = "MAiYmvl9GmXf0wgbZbiMJXXKA9j-4C7GP1ns0cOCB2WbzkXQVlqeip2K5i0zXy-Q";

            // Set response type to code
            options.ResponseType = OpenIdConnectResponseType.Code;

           // Configure the scope

            // Set the callback path, so Auth0 will call back to http://localhost:.../callback
            // Also ensure that you have added the URL as an Allowed Callback URL in your Auth0 dashboard
            options.CallbackPath = new PathString("/Backroom/Products");

            // Configure the Claims Issuer to be Auth0
            options.ClaimsIssuer = "Auth0";

            options.Events = new OpenIdConnectEvents
                // handle the logout redirection
                OnRedirectToIdentityProviderForSignOut = (context) =>
                    var logoutUri = $"https://{Configuration[""]}/?client_id={Configuration["GPIZ29lJhB5wk45Ixsay4SUeUmOxjE7P"]}";

                    var postLogoutUri = "/Backroom/Campaigns";
                    if (!string.IsNullOrEmpty(postLogoutUri))
                        if (postLogoutUri.StartsWith("/"))
                            // transform to absolute
                            var request = context.Request;
                            postLogoutUri = request.Scheme + "://" + request.Host + request.PathBase + postLogoutUri;
                        logoutUri += $"&returnTo={ Uri.EscapeDataString(postLogoutUri)}";


                    return Task.CompletedTask;

Here is my Account Controller code:

public class AccountController : Controller
public async Task Login(string returnUrl = “/Backroom/Products”)
await HttpContext.ChallengeAsync(“Auth0”, new AuthenticationProperties() { RedirectUri = returnUrl });

    public async Task Logout()
        await HttpContext.SignOutAsync("Auth0", new AuthenticationProperties
            // Indicate here where Auth0 should redirect the user after a logout.
            // Note that the resulting absolute Uri must be whitelisted in the
            // **Allowed Logout URLs** settings for the app.
            RedirectUri = Url.Action("https://localhost:44351/")
        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

On Auth0, the only allowed callback URL is

and the only allowed logout URL is