Skip to content
Duende Software Docs
Trouble with OAuth 2.0 in the browser? Watch Web Security and BFF with Philippe De Ryck.

Device Authorization Endpoint

The device authorization endpoint can be used to request device and user codes. This endpoint is used to start the device flow authorization process.

  • client_id

    client identifier (required)

  • client_secret

    client secret either in the post body, or as a basic authentication header. Optional.

  • scope

    one or more registered scopes. If not specified, a token for all explicitly allowed scopes will be issued

POST /connect/deviceauthorization


    client_id=client1&
    client_secret=secret&
    scope=openid api1

.NET Client Library

Section titled “.NET Client Library”

You can use the Duende IdentityModel client library to programmatically interact with the protocol endpoint from .NET code.

using Duende.IdentityModel.Client;


var client = new HttpClient();


var response = await client.RequestDeviceAuthorizationAsync(new DeviceAuthorizationRequest
{
    Address = "https://demo.duendesoftware.com/connect/device_authorize",
    ClientId = "device"
});