If you are attempting to automate logging a test user into a certain application, then you will need to know, in addition to the Okta subdomain used in the /authn, the client ID for the OIDC application (provided we’re talking about testing with OIDC apps) as well as the allowed OIDC grant type (Implicit, Authorization Code flow, etc).
You can automate logging into OIDC applications by taking the session_token returned from the /authn call and including it as a parameter in the /authorize call you make for your application, as noted in the documentation for this endpoint: https://developer.okta.com/docs/reference/api/oidc/#request-parameters.
As far as the nonce and state are concerned, these parameters exist as security features. The nonce is used to mitigate replay attacks while the state token can be used by the client application to remember the state of its interaction with the end user at the time of the authentication call, per https://developer.okta.com/docs/reference/api/oidc/#request-parameters. These values can just be randomly generated in your tests, which you’ll find that the Sign In Widget does by default: https://github.com/okta/okta-signin-widget#openid-connect.
I’d advise taking a look at this post that discusses automating logins where Dragos has provided some example curl commands: Automating Authorization Code Flow