Support Device Authorization Grant extension #782
Assignees
Labels
status: duplicate
A duplicate of another issue
Comments
|
My apologies. I jumped the gun on this and created the enhancement request before searching the backlog. I found the existing Device Auth item #44. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected Behavior
https://datatracker.ietf.org/doc/html/rfc8628
https://oauth.net/2/device-flow/
Current Behavior
n/a
Context
With the proliferation of smart devices, device code authorization is a common use case. While authorization servers that implement Spring Authorization Server can layer their own Device Authorization Grant extension over Spring, it would be great if they could avoid the customization required to do so and could instead rely on all of the obvious benefits of an implementation built into the Spring library.
While Spring cannot (and should not) attempt to support every OAuth extension or related specification, there is already precedent for supporting common OAuth-related use cases with the inclusion of OIDC. Device Authorization grants are (arguably) another common enough use case to make inclusion reasonable.
The text was updated successfully, but these errors were encountered: