Autional Autional
API Reference GitHub autional.com →

POST /oauth/device/authorize

OAuth 2.0 device authorization endpoint. Device initiates authorization request, obtains device_code and user_code; user then enters user_code in browser to complete authorization. Public endpoint, no authentication required. Reference: RFC 8628 §3.1 (Device Authorization Grant).

OAuth None application/json

Request Body

Schema: dto.DeviceAuthorizationRequest

FieldTypeRequiredExampleConstraintsDescription
client_id string Yes app-123
scope string No openid profile

Responses

StatusDescriptionSchema
200Device authorization response (includes device_code, user_code, verification_uri, expires_in, interval)dto.DeviceAuthorizationDetailResponse
400invalid_client: client not found or not active. Reference: RFC 8628 §3.1.dto.OAuthErrorResponse
500server_error: failed to create device authorization. Reference: RFC 8628 §3.1.dto.OAuthErrorResponse

Referenced Schemas

dto.DeviceAuthorizationDetailResponse

FieldTypeRequiredExampleConstraintsDescription
code integer No
data dto.DeviceAuthorizationResponse No
message string No
timestamp string No

dto.DeviceAuthorizationResponse

Device code authorization response (RFC 8628 §3.2)

FieldTypeRequiredExampleConstraintsDescription
device_code string No 01ARZ3NDEKTSV4RRFFQ69G5FAV
expires_in integer No 600
interval integer No 5
user_code string No BDJW-DSXQ
verification_uri string No https://authms.example.com/device

dto.OAuthErrorResponse

OAuth standard error response

FieldTypeRequiredExampleConstraintsDescription
error string No invalid_request Error code
error_description string No Missing required parameter Error description
error_uri string No https://docs.example.com/errors Error URI
state string No state-123 Status