Approve or deny a pending client grant

POST

auth

grant

approve

Approve or deny a pending client grant

curl --request POST \
  --url https://app.dynamicauth.com/api/v0/auth/grant/approve \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "user_code": "<string>"
}
'

{}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json

Request body for POST /auth/grant/approve.

user_code

string

required

The user_code displayed in the client's terminal/UI.

action

enum<string>

required

Outcome of an /auth/grant/approve call. approve mints a fresh client JWT and stores it against the grant for the polling client to collect; deny records an access_denied terminal status.

Available options:

approve,

deny

Response

Grant resolved.

Response from POST /auth/grant/approve.

status

enum<string>

required

Outcome of an /auth/grant/approve call. approve mints a fresh client JWT and stores it against the grant for the polling client to collect; deny records an access_denied terminal status.

Available options:

approve,

deny

Poll for the result of a client grantPolled by the client to check whether the grant has been approved or denied. Public — the `grant_code` itself is the proof of identity. Status follows RFC 8628 conventions: `authorization_pending`, `slow_down`, `approved`, `access_denied`, `expired_token`. On `approved`, the response includes the minted client JWT.

⌘I

Approve or deny a pending client grant

curl --request POST \
  --url https://app.dynamicauth.com/api/v0/auth/grant/approve \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "user_code": "<string>"
}
'

{}

Documentation Index

Authorizations

Body

Response