Devices API
Manage authorized devices for CLI and desktop applications.
Endpoints
| Method | Endpoint | Description |
|---|---|---|
GET | /devices | List authorized devices |
GET | /devices/:id | Get device details |
DELETE | /devices/:id | Revoke device authorization |
POST | /devices/authorize | Start device authorization |
POST | /devices/token | Exchange device code for token |
Device Object
Loading code block...
List Devices
Loading code block...
Query Parameters
| Parameter | Type | Description |
|---|---|---|
type | string | Filter by type: cli, desktop, other |
active | boolean | Only active devices (last 30 days) |
Example Request
Loading code block...
Response
Loading code block...
Get Device
Loading code block...
Example Request
Loading code block...
Response
Loading code block...
Revoke Device
Loading code block...
Example Request
Loading code block...
Response
Loading code block...
Note: Revoking a device invalidates all tokens issued to that device.
Start Device Authorization
Loading code block...
This initiates the device authorization flow for CLI tools.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
clientId | string | Yes | Application identifier |
scope | string | No | Requested permission scopes |
deviceInfo | object | No | Device metadata |
Example Request
Loading code block...
Response
Loading code block...
Exchange Device Code
Loading code block...
Poll this endpoint to exchange the device code for an access token.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
clientId | string | Yes | Application identifier |
deviceCode | string | Yes | Device code from authorize |
grantType | string | Yes | Must be urn:ietf:params:oauth:grant-type:device_code |
Example Request
Loading code block...
Pending Response
Loading code block...
Success Response
Loading code block...
Rename Device
Loading code block...
Request Body
Loading code block...
Response
Returns the updated device object.
Device Limits by Plan
| Plan | Max Devices |
|---|---|
| Free | 2 |
| Pro | 5 |
| Team | 20 per user |
| Enterprise | Unlimited |
Activity Tracking
Each device tracks:
- Sessions: Number of CLI sessions
- Commands: Most used commands
- Projects: Projects accessed
- Location: Approximate location from IP
View activity:
Loading code block...
Loading code block...
Security
Suspicious Activity Detection
Bootspring monitors for:
- Logins from new locations
- Multiple failed authentication attempts
- Unusual access patterns
Automatic Revocation
Devices may be automatically revoked for:
- 90 days of inactivity
- Security policy violations
- Account suspension
Errors
| Code | Description |
|---|---|
device_not_found | Device doesn't exist |
device_limit_exceeded | Maximum devices reached |
authorization_pending | User hasn't authorized yet |
expired_token | Device code expired |
access_denied | User denied authorization |
slow_down | Polling too frequently |