I’m looking to possibly utilize the Device Authorization Grant (Device Flow) for headless device OATH authentication https://developer.okta.com/blog/2019/02/19/add-oauth-device-flow-to-any-server.
I’m also curious how the Okta device/authorize API might be used to facilitate this flow. Are there any practical examples of that API in use in a device flow scenario?
Here is our main guide for this flow which I recommend reviewing to get started: Configure Device Authorization Grant Flow | Okta Developer
Ok, I will check it out. Thanks.
Is it no longer necessary to enable the Device Authorization feature because I do not see it listed in Settings → Features on my account?
Another question while I am at it. For the "verification_uri": "https://${yourOktaDomain}/activate", where or how is that configured? I tried that URL out for my Okta domain to see what would happen and I get the domain signin page with an “There was an unexpected internal error. Please try again.” error.
…Steve
The verification_uri will come back when you make the /device/authorize call. It will always look like https://${yourOktaDomain}/activate as it is where, in Okta you need to provide the user_code to complete the login
When I visit https://${yourOktaDomain}/activate when I am not logged in I get:
But if I am already signed in to my Okta dev account I see:
A follow-on question:
Is there a way to customize that flow? i.e. Have the verification URI be something like https:/mydomain/activate which then performs the device activation via an Okta Auth API?
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.