Token request body

I am creating a single page web app and have noticed that GET /device/code and POST /oauth/token require the request body to be x-www-form-urlencoded. Is there a reason why this is case? Why can’t it be in JSON form?

Hi @shaanon12,

POST /oauth/token: it’s because of the OAuth2 specs:

GET /device/code: I think that should be a POST, might be that the API documentation isn’t correct.