--- title: Authorize (device) description: "The POST /{{envID}}/as/device_authorization endpoint initiates a device authorization operation on applications that specify DEVICE_CODE as the grantTypes property value. The POST request's parameters and their values are Form Serialized by adding the parameter names and values to the entity body of the HTTP request and specifying the Content-Type: application/x-www-form-urlencoded request header." component: pingone-api page_id: pingone-api:auth:openid-connect-oauth-2/device-authorization-grant/authorize-device canonical_url: https://developer.pingidentity.com/pingone-api/auth/openid-connect-oauth-2/device-authorization-grant/authorize-device.html section_ids: headers: Headers body: Body example-request: Example Request example-response: Example Response --- # Authorize (device) ## ```none POST {{authPath}}/{{envID}}/as/device_authorization ``` The `POST /{{envID}}/as/device_authorization` endpoint initiates a device authorization operation on applications that specify `DEVICE_CODE` as the `grantTypes` property value. The `POST` request's parameters and their values are Form Serialized by adding the parameter names and values to the entity body of the HTTP request and specifying the `Content-Type: application/x-www-form-urlencoded` request header. | | | | - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | The `verification_uri` and `verification_uri_complete` properties in the response include the identifier `/go` in the URL. This ID is the value of the `devicePathId` set on the application. For more information about application configuration for device authorization grants, refer to [Create Application (OIDC Device Authorization Grant)](../../../platform/applications/applications-1/create-application-oidc-device-authorization-grant.html). | > **Collapse: Request Model** > > | Property | Type | Required? | > | ----------- | ------ | --------- | > | `client_id` | String | Required | > | `scope` | String | Optional | > > Refer to the [Device authentication grant data model](../device-authorization-grant.html#device-authorization-grant-data-model) for full property descriptions. ### Headers Content-Type      application/x-www-form-urlencoded ### Body urlencoded ( application/x-www-form-urlencoded ) | Key | Value | | ---------- | --------------- | | client\_id | {{deviceAppID}} | | scope | openid | ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{authPath}}/{{envID}}/as/device_authorization' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'client_id={{deviceAppID}}' \ --data-urlencode 'scope=openid' ``` ```csharp var options = new RestClientOptions("{{authPath}}/{{envID}}/as/device_authorization") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "application/x-www-form-urlencoded"); request.AddParameter("client_id", "{{deviceAppID}}"); request.AddParameter("scope", "openid"); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{authPath}}/{{envID}}/as/device_authorization" method := "POST" payload := strings.NewReader("client_id=%7B%7BdeviceAppID%7D%7D&scope=openid") client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/x-www-form-urlencoded") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http POST /{{envID}}/as/device_authorization HTTP/1.1 Host: {{authPath}} Content-Type: application/x-www-form-urlencoded client_id=%7B%7BdeviceAppID%7D%7D&scope=openid ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded"); RequestBody body = RequestBody.create(mediaType, "client_id={{deviceAppID}}&scope=openid"); Request request = new Request.Builder() .url("{{authPath}}/{{envID}}/as/device_authorization") .method("POST", body) .addHeader("Content-Type", "application/x-www-form-urlencoded") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{authPath}}/{{envID}}/as/device_authorization", "method": "POST", "timeout": 0, "headers": { "Content-Type": "application/x-www-form-urlencoded" }, "data": { "client_id": "{{deviceAppID}}", "scope": "openid" } }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'POST', 'url': '{{authPath}}/{{envID}}/as/device_authorization', 'headers': { 'Content-Type': 'application/x-www-form-urlencoded' }, form: { 'client_id': '{{deviceAppID}}', 'scope': 'openid' } }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests url = "{{authPath}}/{{envID}}/as/device_authorization" payload = 'client_id=%7B%7BdeviceAppID%7D%7D&scope=openid' headers = { 'Content-Type': 'application/x-www-form-urlencoded' } response = requests.request("POST", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{authPath}}/{{envID}}/as/device_authorization'); $request->setMethod(HTTP_Request2::METHOD_POST); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/x-www-form-urlencoded' )); $request->addPostParameter(array( 'client_id' => '{{deviceAppID}}', 'scope' => 'openid' )); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "net/http" url = URI("{{authPath}}/{{envID}}/as/device_authorization") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Post.new(url) request["Content-Type"] = "application/x-www-form-urlencoded" request.body = "client_id=%7B%7BdeviceAppID%7D%7D&scope=openid" response = http.request(request) puts response.read_body ``` ```swift let parameters = "client_id=%7B%7BdeviceAppID%7D%7D&scope=openid" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{authPath}}/{{envID}}/as/device_authorization")!,timeoutInterval: Double.infinity) request.addValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 200 OK ```json { "device_code": "031887ee-2328-49a7-a2cc-83ff491e10f8", "user_code": "BVKV-2GZ2", "verification_uri": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/device/go", "verification_uri_complete": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/device/go?user_code=BVKV-2GZ2", "expires_in": 600, "interval": 5 } ```