Skip to main content
POST
/
auth
/
device-codes
/
{deviceCode}
/
poll
TypeScript
import { DiscovrClient } from "discovr";

const discovr = new DiscovrClient("your-client-id", {
  basePath: "https://api.discovr.media",
});

// After sign-in and profile selection …
await discovr.pollDeviceCode("dvc_abc123xyz789");
{
  "refreshToken": "rt_a1b2c3d4e5f6...",
  "publicId": "MqXYz12abc",
  "expiresAt": 1733088000
}

Documentation Index

Fetch the complete documentation index at: https://docs.discovr.media/llms.txt

Use this file to discover all available pages before exploring further.

Path Parameters

deviceCode
string
required

The device code obtained from the request device code endpoint

Response

Poll result. Two possible shapes:

  • Authorized: device code was approved — contains refreshToken, publicId, expiresAt.
  • Pending: user has not yet approved — contains status: "pending". Keep polling.

Returned when the user has confirmed the device code. Store the refreshToken securely — it's your long-lived credential. Call POST /auth/session-token with a profileId to get a session token and start browsing.

refreshToken
string
required

Your long-lived credential (valid for 90 days). Use it as the bearer for identity-tier endpoints and to mint session tokens. Keep it secure — treat it like a password and never put it in URLs.

Example:

"rt_a1b2c3d4e5f6..."

publicId
string
required

An identifier for this sign-in session. You can use it to revoke access later via DELETE /auth/sessions/{publicId}.

Example:

"MqXYz12abc"

expiresAt
integer<int64>
required

When the refresh token expires, as a Unix timestamp (seconds).

Example:

1733088000