You can use the state for pretty much anything you like. Some use it for as your suggesting and put a token to identify that user so when they’re redirected you know who they are, some users include the path so if the user was attempting to visit your.domain/some/path your server can redirect them to /some/path after the login process. And of course there is most importantly using the state param to prevent CSRF which I HIGHLY recommend you googling yourself as there are better documentation and examples on that than what I can provide.
You can use any, or all, of those things in the state param, it’s up to you!