Expired User Code on Device Authorization Flow

I’m creating a command-line application using Device Authorization Flow:

Here is the sequence:

  1. Authenticate my command-line application using sample command eg. myapp --login-device-authorization-flow
  2. Command Line Application will provide login link (verification_uri with user_code)
  3. Command Line Application polls for the access_token
  4. User logs in on auth0 using provided link

Scenario:

  1. User visits verification_uri with user_code then proceed to login link
  2. User failed to log in due to some problem (eg. lost internet connection)
  3. User visits again verification_uri with user_code then proceed to login link

Result:
Invalid or expired user code.

Question:
In the above scenario, the user cannot log in using the provided login link since the user code expired while the command line application is still polling for the access_token.

Is there a way the command line application determines user code has expired?

Hi @bulatao.ramoncito,

There is an expires_in param in the response.

https://auth0.com/docs/flows/call-your-api-using-the-device-authorization-flow#device-code-response

Does that answer your question?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.