diff --git a/src/oidc/authorize.ts b/src/oidc/authorize.ts
index 557a5c7e4..9e0546ad6 100644
--- a/src/oidc/authorize.ts
+++ b/src/oidc/authorize.ts
@@ -129,6 +129,7 @@ export const generateAuthorizationUrl = async (
 * @param nonce - state
 * @param prompt - indicates to the OP which flow the user should see - eg login or registration
 * See https://openid.net/specs/openid-connect-prompt-create-1_0.html#name-prompt-parameter
+ * @param urlState - value to append to the opaque state identifier to uniquely identify the callback
 * @returns a Promise with the url as a string
 */
 export const generateOidcAuthorizationUrl = async ({
@@ -139,6 +140,7 @@ export const generateOidcAuthorizationUrl = async ({
 identityServerUrl,
 nonce,
 prompt,
+ urlState,
 }: {
 clientId: string;
 metadata: ValidatedIssuerMetadata;
@@ -147,8 +149,9 @@ export const generateOidcAuthorizationUrl = async ({
 redirectUri: string;
 nonce: string;
 prompt?: string;
+ urlState?: string;
 }): Promise => {
- const scope = await generateScope();
+ const scope = generateScope();
 const oidcClient = new OidcClient({
 ...metadata,
 client_id: clientId,
@@ -164,6 +167,7 @@ export const generateOidcAuthorizationUrl = async ({
 state: userState,
 nonce,
 prompt,
+ url_state: urlState,
 });
 return request.url;
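Review bot: `urlState` is forwarded as `url_state` in the last hunk with no statement of its trust level, and the new `@param urlState` line in the first hunk describes only its purpose. Going by that JSDoc the value is appended to the `state` parameter, so it will be visible in the authorization URL (browser history, OP and proxy logs), and whatever comes back on the callback is, as far as this diff shows, not integrity-protected. I would extend the doc line to say so, e.g. `* @param urlState - value appended to the opaque state identifier to identify the callback; sent in clear in the URL, so it must not contain secrets and must be validated when read back on the callback`. The request-building call starts above the last hunk, so how the value is encoded is not visible here.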