Initiate a client grant request
Public — the caller has no credentials yet. Generates a grant_code
(long secret used by the polling client) and a user_code (short code
shown to the user for visual verification). Both are stored in Redis
with a 15-minute TTL.
Documentation Index
Fetch the complete documentation index at: https://docs.dynamic.xyz/docs/llms.txt
Use this file to discover all available pages before exploring further.
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
Request body for POST /auth/grant/code. client_type is required so the
authorizing user always sees what kind of client they are approving; pass
other if no specific category fits.
Type of first-party client being authorized. cli for the dyn CLI,
mcp for an MCP server, demo for demo applications oauth-ing into
redcoast, ide-plugin for editor extensions, and other as a catch-all.
cli, mcp, demo, ide-plugin, other Optional metadata sent at grant request time so the authorizing user can recognize the client in the management UI. Every field is optional — a CLI may know its hostname, an embedded MCP server may not.
Response
Grant initiated.
Response from POST /auth/grant/code. Returns the long-secret grant_code
that only the polling client should ever see, plus a short user_code
that the user verifies on the dashboard authorize page.
Long random secret used by the client to poll for the result.
Short code shown to the user (XXXX-XXXX, no ambiguous chars).
Where the user goes to authorize the request.
verification_uri with ?code={user_code} appended.
Seconds until the grant expires (typically 900 = 15 min).
Minimum seconds between polling attempts (typically 5).