Kong-OIDC Plugin Configurations

I have put a single-page application behind Kong and am trying to use the OIDC plugin (https://github.com/nokia/kong-oidc) for the authorization_code grant flow and then call subsequent backend services (which are already behind Kong) with the token.

The OIDC plugin configuration is as follows:

"config": {
  "response_type": "code",
  "introspection_endpoint": null,
  "timeout": null,
  "filters": null,
  "bearer_only": "no",
  "ssl_verify": "no",
  "session_secret": null,
  "introspection_endpoint_auth_method": null,
  "realm": "kong",
  "redirect_after_logout_uri": "/",
  "scope": "openid sam_account",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "client_id": "YYYYYYYYYYYYYYYYYYYY",
  "logout_path": "/logout",
  "discovery": "https://samauth.us-east-1.sws.siemens.com/.well-known/openid-configuration",
  "recovery_page_path": null,
  "redirect_uri_path": "/"
}

I am getting “state from argument does not match state restored from session” error.

Ideally, it should request a code from the OIDC server (here it is samauth.us-east-1.sws.siemens.com) and then request a token by using the code from the server only.

Could you please help me to use the OIDC plugin?
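
The error quoted in the question is raised by the state check that the authorization code flow performs when the provider redirects back. Below is a minimal Python model of that check, added here as an illustration and not kong-oidc's own code; the function names, URLs and client values are constructed assumptions. It shows one way a mismatch arises: two login attempts share one session and the second overwrites the stored state.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed values for illustration; not taken from the post.
AUTHORIZE_URL = "https://idp.example/authorize"
CLIENT_ID = "example-client"
REDIRECT_URI = "https://spa.example/"
MISMATCH = "state from argument does not match state restored from session"

class StateMismatch(Exception):
    """The callback's state is not the one stored in the session."""

def begin_login(session):
    """Mint a fresh state, store it in the session, return the redirect URL."""
    session["state"] = secrets.token_urlsafe(16)
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": REDIRECT_URI, "scope": "openid",
              "state": session["state"]}
    return AUTHORIZE_URL + "?" + urlencode(params)

def handle_callback(session, query):
    """Release the code only if the state argument matches the session's."""
    expected = session.get("state")
    received = query.get("state", "")
    if expected is None or not hmac.compare_digest(expected.encode(),
                                                   received.encode()):
        raise StateMismatch(MISMATCH)
    del session["state"]  # a state value is single use
    return query["code"]

def state_of(url):
    """Extract the state parameter from an authorization redirect URL."""
    return parse_qs(urlsplit(url).query)["state"][0]

def replay_overlapping_logins():
    """Two logins in one session: only the most recent state is accepted."""
    session = {}
    first = state_of(begin_login(session))
    second = state_of(begin_login(session))  # overwrites the first state
    results = []
    for state in (first, second):
        try:
            results.append(handle_callback(
                session, {"code": "constructed-code", "state": state}))
        except StateMismatch as exc:
            results.append(str(exc))
    return results
```
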