In OAuth, what is the state query parameter known as Local State?

Oauth

In OAuth, what is the state query parameter known as Local State?

About

The state query parameter is an opaque value used by the client (app) in redirection flow

Usage

Request

It's used in the request that initiates a redirection flow

Example for an authorization code:

GET /authorize?state=xyz&response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcallback HTTP/1.1
Host: server.example.com

Callback

It comes back in the URL of the redirection response.

Example for an authorization code:

HTTP/1.1 302 Found
Location: https://client.example.com/callback?state=xyz&code=SplxlOBeZQQYbYS6WxSbIA

Value

The state parameter value can

A state may be any string.

state=BVBGzPxmRgi6MNgj9Hmq





Discover More
Oauth
What is the OAuth Authorization Code Flow?

The authorization code grant type (flow) works with an intermediate credential called a authorization code. It is a indirect and redirection-based flow that is optimized for confidential clients. The...



Share this page:
Follow us:
Task Runner