Device Flow Description
Revision as of 13:32, 10 April 2020 by Pavel.lobko (talk | contribs)
The flow consists of the following steps:
- i2Rest client sends a request to the authorization server and includes its client identifier in the request.
- The authorization server responds with a device code, an end-user code and the verification URL.
- i2rest client provides end-user with a device code and the verification URL.
- Now it's time end-user to follow provided verification URL on any capable device. After authentification on authorization server end-user will be prompted to grant (or deny) access to the application.
- At the time end-user i2 rest starts polling authorization server.
- The authorization server validates the device code provided by the client and responds with the access token if the client is granted access, an error if they are denied access, or an indication that the client should continue to poll.
Required parameters
| Parameter | Description |
|---|---|
| Authentication method | *OAUTH2C must be specified
|
| Command | Any of available request type can be choosen |
| API endpoint | HTTP resource to serve the request |
| Tokens storage | ??????? |
| User/OAuth2 client/device ID | Client Credentials to authenticate with authorization server |
| User/OAuth2 client/dev passwd | |
| OAuth2 token endpoint | HTTP resource used by the client to abtain an access token |
