Error on Blazor Server app: "State is null or empty"

lucacara · March 10, 2026, 8:40pm

Good morning.

I’m developing a Blazor Server application with framework .NET 10 that requires Okta authentication.

Although I’ve followed all the instructions, after authentication I still receive the following error message: “OpenIdConnectAuthenticationHandler: message.State is null or empty.”

The application runs in https, cross-origin third-party cookies are enabled, and the application settings on the Okta website are consistent with the application code.

Has anyone encountered and solved this problem?

vk-giri · April 24, 2026, 10:54am

Hi,

This may be due to the correlation cookie not making it back to the app on the callback. A few things worth checking:

Try explicitly setting the correlation/nonce cookies in your AddOpenIdConnect config:

options.CorrelationCookie.SameSite = SameSiteMode.None;
options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.Always;
options.NonceCookie.SameSite = SameSiteMode.None;
options.NonceCookie.SecurePolicy = CookieSecurePolicy.Always;

Clear site cookies before retrying.

Enabling debug logging on Microsoft.AspNetCore.Authentication can also help pinpoint which cookie is missing.

Post		Replies	Views
Random message.State is null or empty occurencces Questions	2	6835	February 8, 2024
ASP.Net Core exception when authenticating through 3rd party identity providers Questions	6	12499	July 17, 2020
Access Token is null for blazor web app integrated with Okta OAuth/OIDC dotnet	2	547	July 10, 2024
Okta Blazor Server Side Error Questions	1	4708	January 23, 2024
Blazor Server Side Authenticatoin Questions	14	6926	February 20, 2020

Error on Blazor Server app: "State is null or empty"

Related topics