Unless I’m missing something, the current device code spec doesn’t specify errors from the device code endpoint, only from the token endpoint. What are people implementing in practice? We’re using token endpoint style errors (invalid_client, inavlid_grant_type, etc).
— Justin _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
