diff --git a/internal/api/handlers_me.go b/internal/api/handlers_me.go
index fefd041..194087c 100644
--- a/internal/api/handlers_me.go
+++ b/internal/api/handlers_me.go
@@ -404,10 +404,10 @@ func (h *meHandler) ConnectProvider(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	mac := computeHMAC(h.jwtSecret, state)
+	mac := computeHMAC(h.jwtSecret, state+":"+"login")
 	http.SetCookie(w, &http.Cookie{
 		Name:     "oauth_state",
-		Value:    state + ":" + mac,
+		Value:    state + ":" + mac + ":" + "login",
 		Path:     "/",
 		MaxAge:   600,
 		HttpOnly: true,