How to add unique string to OAuth2 flow
I'm trying to set up an OAuth2 flow on my React app and the instructions I've been given from the 3rd party say to add a 'state' parameter with a unique identifier that will be passed back to the redirect URL on a successful request. It's passed back so I know that the request originated from my site.
My question is how should I do this? Should the state I send to them be unique for everyone who clicks the link or should I just set the state to some random string that is the same for everyone?
Also, if it's unique for everyone, how would I stop someone from seeing the state by looking at the link URL in dev tools?
I can't get my head around this one. Here are the instructions in case they help...

...On your site, an [affiliate name] user wants to link their account to us. You redirect to our auth page (https://oauth2.example.com/oauth2/auth). As query parameters you will need to provide:

- redirect_url : The redirect url you registered
- client_id : The identifier you were given
- state : A string that uniquely identifies this request. We will pass it back to your redirect URL on successful request so that you know you were the originator of the auth flow.

E.g. on your site, someone clicks on Connect Example Account, you open a page with URL https://oauth2.example.com/oauth2/auth?redirect_uri=https://affiliatename.com//auth/callback&client_id=12345&state=very_unique
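The quoted instructions ask for a `state` that uniquely identifies each request. The following is an added example, not part of the original post or the provider's documentation, of generating a fresh random value per click and checking it on the callback. The storage key `oauth_state`, the helper names and the in-memory stand-in for `sessionStorage` are assumptions. The value is visible in the URL by design: it protects the flow because the callback only passes when it matches what this browser session stored.

```javascript
// Web Crypto is global in browsers and recent Node; older Node needs require.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const STATE_KEY = 'oauth_state'; // hypothetical storage key

// Values taken from the example URL in the question.
const config = {
  authEndpoint: 'https://oauth2.example.com/oauth2/auth',
  redirectUri: 'https://affiliatename.com//auth/callback',
  clientId: '12345',
};

// Stand-in for window.sessionStorage so the example runs outside a browser.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => void m.set(k, String(v)),
    removeItem: (k) => void m.delete(k),
  };
}

// Called when the user clicks "Connect Example Account".
function buildAuthUrl(storage, cfg = config) {
  // 32 random bytes, hex encoded: unguessable and different for every click.
  const bytes = webcrypto.getRandomValues(new Uint8Array(32));
  const state = Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
  storage.setItem(STATE_KEY, state); // remembered only in this browser session
  const url = new URL(cfg.authEndpoint);
  url.searchParams.set('redirect_uri', cfg.redirectUri);
  url.searchParams.set('client_id', cfg.clientId);
  url.searchParams.set('state', state);
  return url.toString();
}

// Called on the redirect page with the full callback URL.
function verifyCallback(storage, callbackUrl) {
  const returned = new URL(callbackUrl).searchParams.get('state');
  const expected = storage.getItem(STATE_KEY);
  storage.removeItem(STATE_KEY); // single use: a replayed callback fails
  // Reject when nothing was stored (flow not started here) or values differ.
  return Boolean(expected) && returned === expected;
}
```

In a React app, pass `window.sessionStorage` as `storage` and `window.location.href` as `callbackUrl`; continue with the account link only when `verifyCallback` returns `true`.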
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
