You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/authenticate/device-authorization-flow/api-calls.mdx
+8-8Lines changed: 8 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -10,18 +10,18 @@ relatedArticles:
10
10
- 1cbd91d2-c0b3-45b3-b038-319de1b2c794
11
11
---
12
12
13
-
Once you've received an access token from the Device Authorization Flow, you can use it to call your protected APIs. This guide shows you how to validate tokens, handle scopes, and make authenticated API requests.
13
+
Once you've received an access token from the device authorization flow, you can use it to call your protected APIs. This guide shows you how to validate tokens, handle scopes, and make authenticated API requests.
14
14
15
-
## Using the access token
15
+
## Use the access token from the device authorization flow
16
16
17
-
The access token you receive from Device Authorization Flow is a standard OAuth 2.0 Bearer token. Include it in the `Authorization` header of your API requests:
17
+
The access token you receive from the device authorization flow is a standard OAuth 2.0 Bearer token. Include it in the `Authorization` header of your API requests:
18
18
19
19
```bash
20
20
curl -X GET https://your-api.com/protected-resource \
21
21
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
22
22
```
23
23
24
-
## Token validation
24
+
## Token validation in the device authorization flow
25
25
26
26
Before processing API requests, validate the access token to ensure it's valid and hasn't expired:
27
27
@@ -83,7 +83,7 @@ function validateToken(token) {
83
83
}
84
84
```
85
85
86
-
## Scope enforcement
86
+
## Scope enforcement for device authorization
87
87
88
88
Access tokens include scopes that determine what resources the user can access. Check the required scopes before processing requests:
89
89
@@ -101,7 +101,7 @@ if (!hasRequiredScope(accessToken, "read:users")) {
101
101
}
102
102
```
103
103
104
-
## Common API patterns
104
+
## Common API patterns for device authorization
105
105
106
106
### Protected resource endpoint
107
107
@@ -145,7 +145,7 @@ function authenticateToken(req, res, next) {
145
145
}
146
146
```
147
147
148
-
### Error handling
148
+
### Error handling for device authorization
149
149
150
150
Handle common token-related errors:
151
151
@@ -166,7 +166,7 @@ function handleTokenError(error) {
166
166
}
167
167
```
168
168
169
-
## Security best practices
169
+
## Security best practices for device authorization
0 commit comments