K
Kinde2w ago
Rinzarin

Error: State not Found

Hey, i'm building my pet project with Next Js and Kinde, but I'm a bit stuck with State not found error that i've encoutered for a while At first localhost was working correctly and error appeared only with deployed version, but it's in both versions. I'm hosting with Firebase I'm using my own custom domain, but i have a feeling I might have set it up wrong KINDE_ISSUER_URL=https://theinterior.site KINDE_SITE_URL=https://theinterior.site KINDE_POST_LOGOUT_REDIRECT_URL=https://theinterior.site KINDE_POST_LOGIN_REDIRECT_URL=https://theinterior.site KINDE_REDIRECT_URI=https://theinterior.site/api/auth/kinde_callback and here is Kinde setup: Application homepage URI https://theinterior.site Application login URI: i've tried both https://my-name.kinde.com/login/callback https://theinterior.site/login/callback Allowed callback URLs http://localhost:3000/api/auth/kinde_callback https://theinterior.site/api/auth/kinde_callback Allowed logout redirect URLs http://localhost:3000 https://theinterior.site P.S. I also received a different error - ERR_TOO_MANY_REDIRECTS Let me know if you need any additional info, That's my first full scale project done on my own and I feel like I missed some things there with the setup.
Interior
Furniture Store
7 Replies
Ages - Kinde
Ages - Kinde2w ago
Hi there. You env values need to use the Kinde domain URLs and not your custom domain. Give that a try and let us know how you go.
Rinzarin
RinzarinOP2w ago
Thank you for the answer! Yes, i switched back to Kinde domain and I'm back to the state not found message: {"error":"Error: State not found.\nTo resolve this error please visit our docs https://docs.kinde.com/developer-tools/sdks/backend/nextjs-sdk/#state-not-found-errorAuthentication flow: Received: 5e25cf7ffb3e8cf32b380e28d513 | Expected: State not found"} localhost auth works fine though
Kinde docs
Next.js App Router SDK
Our developer tools provide everything you need to get started with Kinde.
Ages - Kinde
Ages - Kinde7d ago
Hello, @Rinzarin. I’m here to assist you with your issue. You mentioned encountering the errors "state not found" and ERR_TOO_MANY_REDIRECTS—both on localhost and with your custom domain, and now even with the Kinde domain. Could you clarify at which stage this occurs? For example, since you mentioned that authentication works fine on localhost, I assume the problem arises after authorization—perhaps during the callback stage. Could you confirm this? Questions: 1. Could you share the steps needed to reproduce the error? 2. Has anything changed since you last tested this? Thank you in advance!
Rinzarin
RinzarinOP6d ago
Hi Nathaly, If you visit https://theinterior.site/ and try to sign up or login you'll get the error Since the last time I tested it I only had State not Found error and ERR_TOO_MANY_REDIRECTS was gone after I switched back to the right KINDE_ISSUER_URL. I've had State not Found error since I hosted my website, it works fine on localhost Let me now if I need to provide any more information or code
Interior
Furniture Store
Ages - Kinde
Ages - Kinde5d ago
Thank you for this information. We will work on replicating this issue to assist you with potential solutions, and you can expect an update by next Monday. We will make sure to update you with any relevant suggestions or questions if necessary.
Nathaly Toledo
Nathaly Toledo2d ago
Hello, @Rinzarin. I have investigated your issue and these are the two most likely causes: The error normally occurs because the domain where you start the authentication flow (e.g., https://your-app.firebaseapp.com) doesn’t match the domain you’re redirected to after logging in (e.g., https://your-production-domain.com). Here’s what’s happening behind the scenes: 1. When you click "Login": - A unique "state" cookie is saved in your browser, tied to the initial domain (e.g., your-preview-domain.web.app). - Your app redirects you to Kinde’s login page. 2. After logging in: - Kinde tries to send you back to your app’s callback URL (e.g., your-production-domain.com/api/auth/kinde_callback). - Your app checks if the "state" cookie (from step 1) exists on the domain you’re redirected to. 3. The problem: - If the callback domain (where you’re redirected) doesn’t match the initial domain (where you started the flow), the browser can’t find the "state" cookie. - This mismatch causes the error, as the auth flow aborts for security reasons. - Hardcoded environment variables: If KINDE_SITE_URL or KINDE_POST_LOGIN_REDIRECT_URL are set to a static domain (e.g., your production URL), but you’re testing on a Firebase preview domain (e.g., your-project-id.web.app), the redirect will fail. - Multiple environments (staging/production): If you deploy to different Firebase Hosting channels (e.g., staging vs. production) but don’t update environment variables for each, domains will mismatch.
Nathaly Toledo
Nathaly Toledo2d ago
How to fix it: ✅ Ensure all domains match: - The domain you start the auth flow on must match the domains in KINDE_SITE_URL and KINDE_POST_LOGIN_REDIRECT_URL. I would check this via the Network tab of the Developer Tools of your browser to confirm that I am being redirected to the same app/domain when the callback happens. ✅ Dynamically set environment variables for Firebase preview/production deployments. I have attached the guide for Next.js that shows you an example of this. Unlikely but could be tested I would recommend having different paths for the login and redirect URLs, such as: KINDE_SITE_URL=http://localhost:3000 KINDE_POST_LOGIN_REDIRECT_URL=http://localhost:3000/dashboard Source: https://docs.kinde.com/developer-tools/sdks/backend/nextjs-sdk/#state-not-found-error Let me know if these help!
Kinde docs
Next.js App Router SDK
Our developer tools provide everything you need to get started with Kinde.

Did you find this page helpful?