diff --git a/server/handlers/oauth_callback.go b/server/handlers/oauth_callback.go
index 9b76ba9..cb9eab6 100644
--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@@ -37,7 +37,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 		}
 		sessionstore.GetState(state)
 		// contains random token, redirect url, role
-		sessionSplit := strings.Split(state, "@")
+		sessionSplit := strings.Split(state, "___")
 
 		if len(sessionSplit) < 3 {
 			c.JSON(400, gin.H{"error": "invalid redirect url"})
diff --git a/server/handlers/oauth_login.go b/server/handlers/oauth_login.go
index 4f5e5dd..87eff74 100644
--- a/server/handlers/oauth_login.go
+++ b/server/handlers/oauth_login.go
@@ -58,7 +58,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 			roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
 		}
 
-		oauthStateString := state + "@" + redirectURI + "@" + roles + "@" + strings.Join(scope, ",")
+		oauthStateString := state + "___" + redirectURI + "___" + roles + "___" + strings.Join(scope, ",")
 
 		provider := c.Param("oauth_provider")
 		isProviderConfigured := true