Dear all, I'm working on an implementation of the OAuth 2.0 Device Flow for Browserless and Input Constrained Devices and noticed a possible omission in the spec. Section 3.2 describes the Device Authorization Response, but only the success response is specified, not the error response. I would have expected a standard OAuth 2.0 error response, probably with the following error codes: invalid_request, invalid_client and invalid_scope.
Best regards, Emond Papegaaij Topicus KeyHub _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
