1. Home >
2. OpenId Connect >
3. API Reference - Latest >
4. Device Code Flow - Authorization

Device Code Flow - Authorization

Use this API to start OIDC Device Code Flow on your input-constrained device. The device should instruct the user to open a verification_uri from the response on a secondary device in order to complete the authorization.

Device Code Flow enables OIDC on devices that have an internet connection but don’t have a browser or an easy way to enter text. This flow is seen on devices such as smart TVs, media consoles, picture frames, printers, or hardware video encoders. In this flow, the device instructs the user to open a URL on a secondary device such as a smartphone or computer in order to complete the authorization. There is no communication channel required between the user’s two devices.

Endpoints

To find proper endpoints for your organization’s use, go to https://your-subdomain.onelogin.com/oidc/2/.well-known/openid-configuration and look for the following code:

"device_authorization_endpoint":
    "https://your-subdomain.onelogin-shadow01.com/oidc/2/device/auth",
"token_endpoint":
    "https://your-subdomain.onelogin-shadow01.com/oidc/2/token",
"grant_types_supported": [
    "urn:ietf:params:oauth:grant-type:device_code",
]

Resource URL

https://<subdomain>.onelogin.com/oidc/2/auth

Resource Parameter

Request Parameter

Sample Response

{
"device_code": "kdoq~tmfPl3f0e2dJaPkUra5mEi",
"user_code": "KGXP-TLFS",
"verification_uri":
    "https://subdomain.onelogin-shadow01.com/oidc/2/device",
"verification_uri_complete":
    "https://subdomain.onelogin-shadow01.com/oidc/2/device?user_code=KGXP-TLFS",
"expires_in": 600,
"interval": 5
}

OIDC Rate Limit

Authentication

Have a Question?

Found a problem or a bug? Submit a support ticket.

Looking for walkthroughs or how-to guides on OneLogin's user and admin features? Check out the documentation in our Knowledge Base.

Have a product idea or request? Share it with us in our Ideas Portal.