How state will work here https://login.paytmmoney.com/merchant-login?apiKey={api_key}&state={state_key} ?
State is a variable key which a merchant/fintech company expects Paytm Money to return with a Request Token. This can be string. This is optional parameter, can be used to identify Request Token against the particular user.
state is a randomly selected value that should be passed to authentication endpoint, it should be unique for each authorisation request.
During the OAuth2 callback (when the authorisation is successful and user is redirected back to your app’s redirect url), your app must check that this value matches the one you provided during authorization.
This mechanism is important for the security of your app.
2 Likes