OAuth for Authorization_url request without user data. How do I match the user?

While developing the ChatGPT plugin using OAuth, the login process is successful and the plugin is loaded into ChatGPT. However, I need data for which user the session is for, especially when making requests by chatgpt to the ‘authorization_url’ endpoint during token generation. I cannot use session or cookie here, it does not work. How can I solve this? Or what kind of coding should I do from the beginning? I’m waiting for your help. Have a nice day.

Shouldn’t your webapp authenticate the user first, before it authorizes ?

When I direct the user back to chatgpt, that is, when the plugin is installed, the token has not been received yet and when chatgpt wants to buy tokens from me, it makes a hidden request and this request comes with a verification code from client_id, secret_key and open_id. For this reason, I cannot keep user data in the browser. I’m trying to understand if I have a logical error. Please correct me if I’m wrong.