OIDC: Passing some kind of state to the OpenID IDP

Hi all,

I have a situation where my app (the RP) wants to pass a value to the IDP as part of the authentication request. So instead of just saying in the OAuth request (for example):

idp=idp123&response_type=token

I want to be able to say

idp=idp123&response_type=token&my_special_field=JWTContentsHere

And I want Okta to forward that on to the IDP. I notice that it randomises state and nonce before passing them on.

I feel like this might be what RelayState does in SAML - I’m looking for the OIDC equivalent.

The best I’ve found so far is to throw my JWT into login_hint - any downsides to that? I self-develop the OID IDP in this case so it’s not an out-of-the-box solution. I know that sounds like horror but it’s necessary for the niche flow I’m working on, trust me :wink:

Cheers,

HC
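
If the JWT does travel in login_hint as the post proposes, the self-developed IdP receives it through the user's browser and has to treat it as untrusted input. The sketch below is an added example, not code from the post or from Okta: it shows the IdP side rejecting a hint that is oversized, unsigned, tampered, expired or addressed to another audience. The HS256 shared key, the `aud`/`exp`/`ctx` claim names, the audience URL and the size limit are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Assumptions (not from the post): the RP and the self-developed IdP share an
# HS256 key, and the token carries "aud", "exp" and "ctx" claims.
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"
IDP_AUDIENCE = "https://idp.example.test"
MAX_HINT_LEN = 1024  # hypothetical cap; the hint rides in the request URL


def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_hint(claims, key=SHARED_KEY):
    """RP side: build the compact HS256 JWT that goes into login_hint."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"


def read_hint(login_hint, now=None, key=SHARED_KEY):
    """IdP side: return the verified claims, or None if the hint is rejected."""
    now = time.time() if now is None else now
    if not isinstance(login_hint, str) or len(login_hint) > MAX_HINT_LEN:
        return None
    try:
        head, body, sig = login_hint.split(".")
        # Pin the algorithm; the header must not choose how we verify.
        if json.loads(_b64d(head)).get("alg") != "HS256":
            return None
        want = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, _b64d(sig)):
            return None
        claims = json.loads(_b64d(body))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed base64, JSON or segment count
    if not isinstance(claims, dict) or claims.get("aud") != IDP_AUDIENCE:
        return None
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return None
    return claims
```

A short `exp` matters here because the same hint can be replayed by anyone who sees the authentication request URL.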