%% You should probably cite rfc8628 instead of this I-D. @techreport{ietf-oauth-device-flow-13, number = {draft-ietf-oauth-device-flow-13}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/13/}, author = {William Denniss and John Bradley and Michael B. Jones and Hannes Tschofenig}, title = {{OAuth 2.0 Device Flow for Browserless and Input Constrained Devices}}, pagetotal = 21, year = 2018, month = oct, day = 19, abstract = {This OAuth 2.0 authorization flow is designed for devices that either lack a browser to perform a user-agent based OAuth flow, or are input-constrained to the extent that requiring the user to input a lot of text (like their credentials to authenticate with the authorization server) is impractical. It enables OAuth clients on such devices (like smart TVs, media consoles, digital picture frames, and printers) to obtain user authorization to access protected resources without using an on-device user-agent, provided that they have an Internet connection.}, }