diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js
index e825012..8e7be7d 100644
--- a/lib/handlers/authorize-handler.js
+++ b/lib/handlers/authorize-handler.js
@@ -238,13 +238,14 @@ AuthorizeHandler.prototype.getScope = function(request) {
 AuthorizeHandler.prototype.getState = function(request) {
   const state = request.body.state || request.query.state;
-
-  if (!this.allowEmptyState && !state) {
-    throw new InvalidRequestError('Missing parameter: `state`');
-  }
-
-  if (!is.vschar(state)) {
-    throw new InvalidRequestError('Invalid parameter: `state`');
+  const stateExists = state && state.length > 0;
+  const stateIsValid = stateExists
+    ? is.vschar(state)
+    : this.allowEmptyState;
+
+  if (!stateIsValid) {
+    const message = (!stateExists) ? 'Missing' : 'Invalid';
+    throw new InvalidRequestError(`${message} parameter: \`state\``);
   }
 
   return state;
diff --git a/test/integration/handlers/authorize-handler_test.js b/test/integration/handlers/authorize-handler_test.js
index 49d2c0d..71535f0 100644
--- a/test/integration/handlers/authorize-handler_test.js
+++ b/test/integration/handlers/authorize-handler_test.js
@@ -932,6 +932,18 @@ describe('AuthorizeHandler integration', function() {
     }
   });
 
+  it('should allow missing `state` if `allowEmptyState` is valid', function () {
+    const model = {
+      getAccessToken: function() {},
+      getClient: function() {},
+      saveAuthorizationCode: function() {}
+    };
+    const handler = new AuthorizeHandler({ allowEmptyState: true, authorizationCodeLifetime: 120, model: model });
+    const request = new Request({ body: {}, headers: {}, method: {}, query: {} });
+    const state = handler.getState(request);
+    should.equal(state, undefined);
+  });
+
   it('should throw an error if `state` is invalid', function() {
     const model = {
       getAccessToken: function() {},
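Review bot: `const stateExists = state && state.length > 0;` treats any value with a positive `length` as a present state, so a non-string `state` (for example an array that a query-string parser yields for a repeated `state` parameter) passes the existence test and is handed straight to `is.vschar`, whose behaviour on non-strings is not visible here. Because `state` is the client's CSRF binding for the authorization response, the type should be pinned before the character check: `const stateExists = state != null && state !== '';` and `const stateIsValid = stateExists ? (typeof state === 'string' && is.vschar(state)) : this.allowEmptyState;`, so a non-string value is rejected as `Invalid` instead of being accepted or misreported as `Missing`. The hunk also changes the empty-string case: previously `''` with `allowEmptyState` set still reached `is.vschar('')`, now it is returned untouched; that is presumably intended but deserves a comment above `stateIsValid`, e.g. `// An absent or empty state is acceptable only when allowEmptyState is set; a present one must be VSCHAR.` The closing of `getState` lies outside the hunk.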
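Review bot: The new test only exercises an absent `state`; the empty-string case, which appears to be what the rewrite in `getState` actually changes (`''` now skips `is.vschar` when `allowEmptyState` is set), is not covered, so a sibling case with `query: { state: '' }` asserting `should.equal(state, '')` would pin that behaviour. The title `should allow missing \`state\` if \`allowEmptyState\` is valid` should read `is true`, since the option is a flag, not a value being validated. A matching assertion that the same empty request throws `Missing parameter: \`state\`` when `allowEmptyState` is false would pin the default path as well, unless such a test already exists elsewhere in this file (outside the hunk). The enclosing `describe` starts outside the hunk.

```javascript
  it('should allow empty `state` if `allowEmptyState` is true', function () {
    // … same model/handler setup as the preceding test …
    const request = new Request({ body: {}, headers: {}, method: {}, query: { state: '' } });
    const state = handler.getState(request);
    should.equal(state, '');
  });
```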