Previous: , Up: Authorize an OAuth App   [Index] Device Flow

The device flow allows you to authorize users for a headless app, such as a CLI tool or Git credential manager.

3 The app polls for the user authentication status. Once the user has authorized the device, the app will be able to make API calls with a new access token.


Your app will make device authorization requests that poll the above uri until the device and user codes expire or the user has successfully authorized the app with a valid user code. The app must use the minimum polling interval retrieved in step 1 to avoid rate limit errors.

The user must enter a valid code within 15 minutes (or 900 seconds). After 15 minutes, you will need to request a new device authorization code with:


Once the user has authorized, the app will receive an access token that can be used to make requests to the API on behalf of a user.

  1. Error Codes for the Device Flow

Previous: , Up: Authorize an OAuth App   [Index]