Difference between revisions of "Device flow description"
Pavel.lobko (talk | contribs) (Created page with "{{DISPLAYTITLE:Device Flow Description}}") |
Pavel.lobko (talk | contribs) |
||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:Device Flow Description}} | {{DISPLAYTITLE:Device Flow Description}} | ||
| + | |||
| + | |||
| + | (A) The client requests access from the authorization server and | ||
| + | includes its client identifier in the request. | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | (B) The authorization server issues a device code and an end-user | ||
| + | code and provides the end-user verification URI. | ||
| + | |||
| + | (C) The client instructs the end user to use a user agent on another | ||
| + | device and visit the provided end-user verification URI. The | ||
| + | client provides the user with the end-user code to enter in | ||
| + | order to review the authorization request. | ||
| + | |||
| + | |||
| + | |||
| + | (D) The authorization server authenticates the end user (via the | ||
| + | user agent), and prompts the user to input the user code | ||
| + | provided by the device client. The authorization server | ||
| + | validates the user code provided by the user, and prompts the | ||
| + | user to accept or decline the request. | ||
| + | |||
| + | (E) While the end user reviews the client's request (step D), the | ||
| + | client repeatedly polls the authorization server to find out if | ||
| + | the user completed the user authorization step. The client | ||
| + | includes the device code and its client identifier. | ||
| + | |||
| + | (F) The authorization server validates the device code provided by | ||
| + | the client and responds with the access token if the client is | ||
| + | granted access, an error if they are denied access, or an | ||
| + | indication that the client should continue to poll. | ||
Revision as of 12:55, 7 April 2020
(A) The client requests access from the authorization server and
includes its client identifier in the request.
(B) The authorization server issues a device code and an end-user
code and provides the end-user verification URI.
(C) The client instructs the end user to use a user agent on another
device and visit the provided end-user verification URI. The
client provides the user with the end-user code to enter in
order to review the authorization request.
(D) The authorization server authenticates the end user (via the
user agent), and prompts the user to input the user code
provided by the device client. The authorization server
validates the user code provided by the user, and prompts the
user to accept or decline the request.
(E) While the end user reviews the client's request (step D), the
client repeatedly polls the authorization server to find out if
the user completed the user authorization step. The client
includes the device code and its client identifier.
(F) The authorization server validates the device code provided by
the client and responds with the access token if the client is
granted access, an error if they are denied access, or an
indication that the client should continue to poll.
