Device Authorization Flow - AGN Federation Tester

0

Configuration

Set your OIDC endpoints. The Device Authorization Endpoint is where we request the user code.

Device Authorization Endpoint

MS Example: https://login.microsoftonline.com/2e8bbadb-1f5b-4c2e-a190-9c7d558a12b6/oauth2/v2.0/devicecode

Token Endpoint

Client ID

Client Secret (Optional, if app is not public client enabled)

Scopes

1

Request Device & User Codes

The "device" makes a POST request to start the flow. The IdP returns a user_code and a verification_uri.

Request sent to IdP

POST /api/oidc-device

// Awaiting execution...

IdP Response

// Awaiting response...

2

User Approval Required

Display these to the user. They must visit the URL and enter the code below.

XXXX-XXXX

Visit: ---

3

Token Polling

The device repeatedly polls the token endpoint using the device_code until the user approves the request.

Polling not started

Latest Polling Request & Response

POLLING LOG

// Polling attempts will appear here...

4

Tokens Received & Decoded

Success! The user approved the request and we received the OIDC tokens.