diff --git a/lib/auth/oauth2/index.js b/lib/auth/oauth2/index.js
index f223a159..5c432d3b 100644
--- a/lib/auth/oauth2/index.js
+++ b/lib/auth/oauth2/index.js
@@ -16,6 +16,7 @@ passport.use(new OAuth2CustomStrategy({
   clientSecret: config.oauth2.clientSecret,
   callbackURL: config.serverURL + '/auth/oauth2/callback',
   userProfileURL: config.oauth2.userProfileURL,
+  state: config.oauth2.state,
   scope: config.oauth2.scope
 }, passportGeneralCallback))
 
diff --git a/lib/config/default.js b/lib/config/default.js
index 79bb1aad..95ee1940 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -100,6 +100,7 @@ module.exports = {
     userProfileDisplayNameAttr: 'displayName',
     userProfileEmailAttr: 'email',
     userProfilePhotoAttr: 'photo',
+    state: true,
     scope: 'email'
   },
   facebook: {
diff --git a/lib/config/environment.js b/lib/config/environment.js
index f51ccfb2..0867aecf 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -94,6 +94,7 @@ module.exports = {
     tokenURL: process.env.CMD_OAUTH2_TOKEN_URL,
     userProfileURL: process.env.CMD_OAUTH2_USER_PROFILE_URL,
     scope: process.env.CMD_OAUTH2_SCOPE,
+    state: process.env.CMD_OAUTH2_STATE,
     userProfileUsernameAttr: process.env.CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR,
     userProfileDisplayNameAttr: process.env.CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR,
     userProfileEmailAttr: process.env.CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR,