Skip to main content
GET
/
auth
/
device-codes
/
{deviceCode}
/
token
Poll for auth token
const options = {method: 'GET'};

fetch('https://api.discovr.media/auth/device-codes/{deviceCode}/token', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
{
  "refreshToken": "rt_a1b2c3d4e5f6...",
  "publicId": "MqXYz12abc",
  "expiresAt": 1733088000
}

Documentation Index

Fetch the complete documentation index at: https://docs.discovr.media/llms.txt

Use this file to discover all available pages before exploring further.

Path Parameters

deviceCode
string
required

The device code obtained from the request device code endpoint

Response

Device code authorized and token issued

Returned after a device code has been authorized. Carries the long-lived refresh token; clients call POST /auth/session-token separately to mint a session token.

refreshToken
string
required

Long-lived (90 day) refresh token. Use as the bearer for identity-tier endpoints and to mint session tokens. Treat as a credential — never place in URLs.

Example:

"rt_a1b2c3d4e5f6..."

publicId
string
required

Opaque identifier for this sign-in (informational).

Example:

"MqXYz12abc"

expiresAt
integer<int64>
required

Refresh-token expiry as Unix seconds.

Example:

1733088000