[keycloak-dev] Strange behaviour with invalid state param

Hi, I have a strange behaviour with an invalid state param. The server writes the following log, which is correct: WARN  [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-17) No state cookie After that I receive a 400 error in my browser with the following URL: https://pcc811.hrms.ch:9443/index.html?code=Q-NK1wwTdqja5XU8lUkNkZnEy40Zd... I can load this URL again and than I am successfully logged in. Is this the correct behaviour? Best Michael