/oauth2/device/code
The Device authorization grant endpoint defined in RFC 8628 OAuth 2.0 Device Authorization Grant.
Client devices use this endpoint in the following flows to get the codes and information required to obtain the resource owner’s consent for device access:
Specify the realm in the request URL; for example:
https://<tenant-env-fqdn>/am/oauth2/realms/root/realms/alpha/device/code
The device code endpoint supports the following parameters:
Parameter | Description | Required |
---|---|---|
The OpenID Connect authentication context class reference values. |
||
The user attributes to be returned in the ID token. |
No |
|
Uniquely identifies the application making the request. |
Yes |
|
The code verifier generated for the PKCE flow. |
Yes, for the Authorization code grant with PKCE flow |
|
The method to derive the code challenge. |
Yes, when the |
|
String value that can be set to the ID the user uses to log in. |
No |
|
String value that associates the client session with the ID token. |
No |
|
Specifies whether to prompt the end user for authentication and consent. |
No |
|
The scopes linked to the permissions requested by the client from the resource owner. |
No |
|
The value to maintain state between the request and the callback. |
No, but strongly recommended |
|
The end user’s preferred languages for the user interface. |
No |