i am using c# console application to get access to okta. i sendt “stateToken” parameter and set cookies sid, oktaStateToken in http request. the response i got is OKTA_INVALID_SESSION_REPOST.
do i need to validate the session again?.

How do you get those values? Also, what is the task you trying to solve?

All those cookies were designed to be used in browser sessions. If you need some backend operations, it would make more sense to use API tokens