There are several causes of the "Client state could not be verified" error. The most common is that the login was started from a console URL that is not the public URL. This would happen when the master public URL had an incorrect direct to the console URL. That problem was fixed under
The other time this can happen is when performing a login concurrently to the same console across different tabs. This behavior was improved in
There are still some known limitations around concurrent logins, however. See the comment here:
Once you complete login in one of the tabs, you won't be able to complete login in the other tabs. We don't plan to change this because it would weaken security. Currently logins have a `nonce` value that cannot be reused. The nonce is destroyed when you complete login in one of the tabs as a security measure. The side effect is that the logins in the other tabs will fail. This is unfortunate, but again not something we can change without reducing security of the login.
If the problem you are seeing is not one of the issues above, please let us know.