@dan said in Authorize device without using /oauth2/device redirect:
Thanks for the reply. We are currently trying to authorise a device, but would like to use the endpoints provided by Fusion to accomplish this.
We first call /oauth2/device_authorize, this in turn returns a user_code to the device and a device_code.
We then use the user_code supplied by the user and call /oauth2/device/validate? if we get a HTTP 200 we continue.
Next we call /oauth2/authorize, here we supply the user_code, and a username and password for the user wanting to authorise the device. In return we get back a 302 which directs use to the redirect uri.
At this stage the device is polling /oauth2/token with the device_code and urn:ietf:params:oauth:grant-type:device_code grant type.
We would have hoped that at this stage the device would have gotten returned credentials but this does not seem to be the case. Unsure of what call would authorise the device?