oauth2/com.okta.oauth2/DeviceAuthorizationFlow

DeviceAuthorizationFlow

class DeviceAuthorizationFlow
Content copied to clipboard

An authentication flow class that implements the Device Authorization Grant flow exchange.

The Device Authorization Grant flow permits a user to sign in securely from a headless or other similar device (e.g. set-top boxes, Smart TVs, or other devices with limited keyboard input). Using this flow, a user is presented with a screen that provides two pieces of information:

  1. A URL the user should visit from another device.

  2. A simple user code they can easily enter on that secondary device.

Upon visiting that URL and entering in the code, the user is prompted to sign in using their standard credentials. Upon completing authentication, the device automatically signs the user in, without any direct interaction on the user's part.

Types

Link copied to clipboard
object Companion
Content copied to clipboard
Link copied to clipboard
class Context
Content copied to clipboard

A model representing the context and current state for an authorization session.

Link copied to clipboard
class TimeoutException : Exception
Content copied to clipboard

An error due to a timeout. The DeviceAuthorizationFlow limits the duration a user can poll for a successful authentication, see Context.expiresIn.

Functions

Link copied to clipboard
suspend fun resume(flowContext: DeviceAuthorizationFlow.Context): OidcClientResult<Token>
Content copied to clipboard

Polls to determine when authorization completes, using the supplied Context instance.

Link copied to clipboard
suspend fun start(extraRequestParameters: Map<String, String> = emptyMap(), scope: String = oidcClient.configuration.defaultScope): OidcClientResult<DeviceAuthorizationFlow.Context>
Content copied to clipboard

Initiates a device authorization flow.