/oauth/device/authorizeOAuth 2.0 device authorization endpoint. Device initiates authorization request, obtains device_code and user_code; user then enters user_code in browser to complete authorization. Public endpoint, no authentication required. Reference: RFC 8628 §3.1 (Device Authorization Grant).
Schema: dto.DeviceAuthorizationRequest
| Status | Description | Schema |
|---|---|---|
| 200 | Device authorization response (includes device_code, user_code, verification_uri, expires_in, interval) | dto.DeviceAuthorizationDetailResponse |
| 400 | invalid_client: client not found or not active. Reference: RFC 8628 §3.1. | dto.OAuthErrorResponse |
| 500 | server_error: failed to create device authorization. Reference: RFC 8628 §3.1. | dto.OAuthErrorResponse |
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
code |
integer |
No | |||
data |
dto.DeviceAuthorizationResponse |
No | |||
message |
string |
No | |||
timestamp |
string |
No |
Device code authorization response (RFC 8628 §3.2)
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
device_code |
string |
No | 01ARZ3NDEKTSV4RRFFQ69G5FAV |
||
expires_in |
integer |
No | 600 |
||
interval |
integer |
No | 5 |
||
user_code |
string |
No | BDJW-DSXQ |
||
verification_uri |
string |
No | https://authms.example.com/device |
OAuth standard error response
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
error |
string |
No | invalid_request |
Error code | |
error_description |
string |
No | Missing required parameter |
Error description | |
error_uri |
string |
No | https://docs.example.com/errors |
Error URI | |
state |
string |
No | state-123 |
Status |