I created a custom app based on the python quickstart and had no problem with completing the OAuth flow to enable the app in my Monday.com environment. However, when I shared the app with another user and they attempted to complete the OAuth flow they encountered an invalid state error. I’m using the code provided by the quickstart (from the callback method in auth.py):
def validate_state() -> None:
"""
Validates the state parameter from the OAuth2 callback.
"""
returned_state = request.args.get('state')
saved_state = request.cookies.get('state')
if returned_state != saved_state:
raise GenericBadRequestError('Invalid state')
Why would this code work for me and not for another user?