Introduction
...
| Endpoint | HTTP Method | Purpose |
|---|---|---|
| /api/auth/v1/device | POST | Creates unique user code and a verification URI to present it on a external browser to verify the user. |
| /api/auth/v1/device/verify | POST | Verifies the user code with the authenticated user. |
| /api/auth/v1/access_token grant_type="urn:ietf:params:oauth:grant-type:device_code" | POST | Provides access_token to the device once the user is verified externally. |
...
Now the device needs to display the URL and User Code to the user. While the device waits for the user to enter the code and log in, it will make a POST request every 5 seconds as specified by the interval returned. This POST request will be made to the /api/auth/v1/access_tokenendpoint, using a grant type of urn:ietf:params:oauth:grant-type:device_code
| Code Block |
|---|
POST https://authorization-server.com/token grant_type=urn:ietf:params:oauth:grant-type:device_code &client_id=CLIENT_ID &device_code=NGU4QWFiNjQ5YmQwNG3YTdmZMEyNzQ3YzQ1YSA |
...
| Code Block |
|---|
{
"errors": [
{
"id": "6de7da3e-8877-4f2b-a670-16e18e5d79a0",
"status": "202",
"code": "0",
"title": "Authentication Pending",
"detail": " - User is not yet authenticated, try again."
}
]
} |
The authorization_pending error The Authentication Pending error means the user isn’t finished logging in, but the code hasn’t yet expired either. The device should try this again after the specified number of seconds. Meanwhile the user will be logging in, choosing a YouTube account, and approving the request.