State not included in redirect token (error: "State in the token does not match the /continue state")

daniel23 · August 2, 2023, 7:53pm

This person got the same error:

Though they did not add what code was missing. I have tried adding a state to the session_token as such:

const session_token = api.redirect.encodeToken({
        secret: event.secrets.REDIRECT_SECRET,
        expiresInSeconds: 60, 
        payload: {
          sub: event.user.user_id,
          email: event.user.email,
          continue_uri: `https://${AUTH0_DOMAIN}/continue`,
          state: "abc123"
        },
      });

But obviously it is not a valid state, because it was not generated by Auth0 and does not match the /continue state wanted.

I have also tried to exchange the state from abc123 to state: event.transaction?.state but that is also not the correct state to add. The state from the URI is something long like this: hKFo2SBRNklVMFVPM2FkODh4ZUs4bGhwOWVyUEQtSW5nRTl2NKFuqHJlZGlyZWN0o3RpZNkgNnpzSXdMbzNkRGZluy0tdkowbm5nSG5BM2t5aTdSRkujY2lk2SBFNmdEV3ZmUVlIYmpPT3h3RDM5bk1pNlIzSklVcTQwMg whereas the state from the transaction is something short like this: S2NpVk1NU1JlbWFwMWxfY05vbnJIQmphMkNMVAZFcGt4UDNzMHJ5TUxibA==.

I get either the first error that it is a mismatch, or that the configuration is wrong.

Topic		Replies	Views
Help with Action Redirects Help extensibility , deploy-cli	2	1868	January 8, 2024
The session token is invalid: State in the token does not match the /continue state Help jwt , rules , login , redirect	3	4266	March 9, 2022
Event.transaction.state not same sent to redirect Help login-experience , login-prompt-new-experience	1	302	March 13, 2024
Session token is invalid Help extensibility , actions-extensibility	1	814	March 13, 2024
Post Registration Action - app.redirect is undefined Help configuration , application	2	806	September 7, 2023

State not included in redirect token (error: "State in the token does not match the /continue state")

Related Topics