I’m referring to to the api documented here. It looks like the GET and POST both have the exact same description (typo?).
I want to explore implementing something similar to a personal access token to allow users’ applications to authenticate like the PATs used by git clients. Is this the correct api to use for that? That is, I create a device credential under a user using this api and the client application uses this client id and secret with client credentials flow to authenticate?