In my project, I have configured external login with google successfully. My project is SPA (.Net Core 5.0 with Angular) with IdentityServer4 and ASP.NET Core Identity. Now I want to configure Google one tap sign in, I have put the one tap html on my angular component (app.component.html) and I have also configured my client ID and secret on console.cloud.google.com

<div id="g_id_onload"
         data-client_id="my key goes here"
         data-context="signup"
         data-login_uri="https://localhost:5001/signin-oidc"
         data-nonce="%TRS#$*JND$%R#(HFTR"
         data-auto_select="true">
    </div>

Google one tap sign in showed up on my home page and when I clicked the sign-in button the consent screen displayed successfully and then google post back a token ID to https://localhost:5001/signin-oidc and an exception is thrown because of the missing “state” which is expected because I never send the “State” to google. Now my question is, is there any other middleware route like “signin-oidc” which doesn’t expect a “state” value. Or can I send the “State” from my client-side to Google Tap. Or is there any other recommended way to configure Google One Tap with .Net Core and IdentityServer4.

My Startup.cs looks like this.

  
      services.AddDefaultIdentity<ApplicationUser>(options =>
            {
                options.SignIn.RequireConfirmedAccount = true;
            })
                .AddRoles<IdentityRole>()
                .AddEntityFrameworkStores<ApplicationDbContext>();

            services.AddIdentityServer()
                .AddApiAuthorization<ApplicationUser, ApplicationDbContext>();

            services.AddAuthentication()
                .AddGoogleOpenIdConnect("Google", options =>
                {                                       
                    options.ClientId = "my key";
                    options.ClientSecret = "my-secret";
                })
                .AddIdentityServerJwt();

The exception which is thrown by the "signin-oidc" middleware