website/docs: improve docs for OAuth2 device code flow (#5570)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-05-10 20:58:31 +02:00 committed by GitHub
parent fd8c1d41db
commit c68a42f63b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,6 +1,6 @@
# Device code flow
(Also known as device flow and RFC 8628)
(Also known as device flow and [RFC 8628](https://datatracker.ietf.org/doc/html/rfc8628))
This type of authentication flow is useful for devices with limited input abilities and/or devices without browsers.
@ -8,6 +8,8 @@ This type of authentication flow is useful for devices with limited input abilit
This device flow is only possible if the active tenant has a device code flow setup. This device code flow is run _after_ the user logs in, and before the user authenticates.
authentik doesn't ship with a default flow for this usecase, so it is recommended to create a new flow for this usecase with the designation of _Stage configuration_
### Device-side
The flow is initiated by sending a POST request to the device authorization endpoint, `/application/o/device/` with the following contents: