I saw this post which looks similar (at least we’re both running into Couldn't authenticate WebSocket connection).
I tried setting
c.Spawner.oauth_client_allowed_scopes = ['inherit']
And did not observe any difference in behavior 
I’m not entirely clear what authentication state is or does, but I’m grasping at straws so I enabled on that on my JupyterHub installation as well with no success.