So you should have something like: 1. Serialise my object as json 2. Encode as base64 3. Pass state as a query param to the /authorize endpoint