Step 5: Authorize (device)
POST {{authPath}}/{{envID}}/as/device_authorizationThe POST /{{envID}}/as/device_authorization endpoint initiates a device authorization operation on applications that specify DEVICE_CODE as the grantTypes property value. The POST request’s parameters and their values are Form Serialized by adding the parameter names and values to the entity body of the HTTP request and specifying the Content-Type: application/x-www-form-urlencoded request header. The authorization request must include values for the following properties:
-
client_idA string that specifies the application’s UUID, which was returned in Step 1.
-
scopeA string that specifies permissions that determine the resources that the application can access.
The response returns a 200 OK message along with the device_code, user_code, and verification_uri values.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{authPath}}/{{envID}}/as/device_authorization' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id={{deviceAuthAppID}}' \
--data-urlencode 'scope=openid'var options = new RestClientOptions("{{authPath}}/{{envID}}/as/device_authorization")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("client_id", "{{deviceAuthAppID}}");
request.AddParameter("scope", "openid");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{authPath}}/{{envID}}/as/device_authorization"
method := "POST"
payload := strings.NewReader("client_id=%7B%7BdeviceAuthAppID%7D%7D&scope=openid")
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /{{envID}}/as/device_authorization HTTP/1.1
Host: {{authPath}}
Content-Type: application/x-www-form-urlencoded
client_id=%7B%7BdeviceAuthAppID%7D%7D&scope=openidOkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
RequestBody body = RequestBody.create(mediaType, "client_id={{deviceAuthAppID}}&scope=openid");
Request request = new Request.Builder()
.url("{{authPath}}/{{envID}}/as/device_authorization")
.method("POST", body)
.addHeader("Content-Type", "application/x-www-form-urlencoded")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{authPath}}/{{envID}}/as/device_authorization",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/x-www-form-urlencoded"
},
"data": {
"client_id": "{{deviceAuthAppID}}",
"scope": "openid"
}
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{authPath}}/{{envID}}/as/device_authorization',
'headers': {
'Content-Type': 'application/x-www-form-urlencoded'
},
form: {
'client_id': '{{deviceAuthAppID}}',
'scope': 'openid'
}
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
url = "{{authPath}}/{{envID}}/as/device_authorization"
payload = 'client_id=%7B%7BdeviceAuthAppID%7D%7D&scope=openid'
headers = {
'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{authPath}}/{{envID}}/as/device_authorization');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/x-www-form-urlencoded'
));
$request->addPostParameter(array(
'client_id' => '{{deviceAuthAppID}}',
'scope' => 'openid'
));
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "net/http"
url = URI("{{authPath}}/{{envID}}/as/device_authorization")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/x-www-form-urlencoded"
request.body = "client_id=%7B%7BdeviceAuthAppID%7D%7D&scope=openid"
response = http.request(request)
puts response.read_bodylet parameters = "client_id=%7B%7BdeviceAuthAppID%7D%7D&scope=openid"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{authPath}}/{{envID}}/as/device_authorization")!,timeoutInterval: Double.infinity)
request.addValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
200 OK
{
"device_code": "4ab72fd1-0a3c-4619-8b63-fd153ea212b3",
"user_code": "NNH5-TWRR",
"verification_uri": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/device",
"verification_uri_complete": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/device?user_code=NNH5-TWRR",
"expires_in": 600,
"interval": 10
}