Devices API
Manage authorized devices for CLI and desktop applications.
Endpoints#
| Method | Endpoint | Description |
|---|---|---|
GET | /devices | List authorized devices |
GET | /devices/:id | Get device details |
DELETE | /devices/:id | Revoke device authorization |
POST | /devices/authorize | Start device authorization |
POST | /devices/token | Exchange device code for token |
Device Object#
1{
2 "id": "dev_abc123",
3 "name": "MacBook Pro",
4 "type": "cli",
5 "platform": "darwin",
6 "arch": "arm64",
7 "hostname": "johns-macbook",
8 "lastActiveAt": "2024-01-15T10:30:00Z",
9 "lastIp": "192.168.1.100",
10 "location": {
11 "city": "San Francisco",
12 "country": "US"
13 },
14 "createdAt": "2024-01-01T00:00:00Z"
15}List Devices#
GET /devicesQuery Parameters#
| Parameter | Type | Description |
|---|---|---|
type | string | Filter by type: cli, desktop, other |
active | boolean | Only active devices (last 30 days) |
Example Request#
curl https://api.bootspring.dev/v1/devices \
-H "Authorization: Bearer bs_xxx"Response#
1{
2 "data": [
3 {
4 "id": "dev_abc123",
5 "name": "MacBook Pro",
6 "type": "cli",
7 "platform": "darwin",
8 "arch": "arm64",
9 "hostname": "johns-macbook",
10 "lastActiveAt": "2024-01-15T10:30:00Z",
11 "current": true,
12 "createdAt": "2024-01-01T00:00:00Z"
13 },
14 {
15 "id": "dev_def456",
16 "name": "Windows Desktop",
17 "type": "cli",
18 "platform": "win32",
19 "arch": "x64",
20 "hostname": "DESKTOP-ABC123",
21 "lastActiveAt": "2024-01-10T08:00:00Z",
22 "current": false,
23 "createdAt": "2024-01-05T00:00:00Z"
24 }
25 ]
26}Get Device#
GET /devices/:idExample Request#
curl https://api.bootspring.dev/v1/devices/dev_abc123 \
-H "Authorization: Bearer bs_xxx"Response#
1{
2 "data": {
3 "id": "dev_abc123",
4 "name": "MacBook Pro",
5 "type": "cli",
6 "platform": "darwin",
7 "arch": "arm64",
8 "hostname": "johns-macbook",
9 "cliVersion": "1.2.0",
10 "lastActiveAt": "2024-01-15T10:30:00Z",
11 "lastIp": "192.168.1.100",
12 "location": {
13 "city": "San Francisco",
14 "region": "CA",
15 "country": "US"
16 },
17 "sessions": {
18 "total": 45,
19 "lastWeek": 12
20 },
21 "createdAt": "2024-01-01T00:00:00Z"
22 }
23}Revoke Device#
DELETE /devices/:idExample Request#
curl -X DELETE https://api.bootspring.dev/v1/devices/dev_abc123 \
-H "Authorization: Bearer bs_xxx"Response#
1{
2 "data": {
3 "revoked": true,
4 "id": "dev_abc123"
5 }
6}Note: Revoking a device invalidates all tokens issued to that device.
Start Device Authorization#
POST /devices/authorizeThis initiates the device authorization flow for CLI tools.
Request Body#
| Field | Type | Required | Description |
|---|---|---|---|
clientId | string | Yes | Application identifier |
scope | string | No | Requested permission scopes |
deviceInfo | object | No | Device metadata |
Example Request#
1curl -X POST https://api.bootspring.dev/v1/devices/authorize \
2 -H "Content-Type: application/json" \
3 -d '{
4 "clientId": "bootspring-cli",
5 "scope": "read:projects write:projects invoke:agents",
6 "deviceInfo": {
7 "platform": "darwin",
8 "arch": "arm64",
9 "hostname": "johns-macbook"
10 }
11 }'Response#
1{
2 "data": {
3 "deviceCode": "dev_code_xyz789...",
4 "userCode": "ABCD-1234",
5 "verificationUri": "https://bootspring.dev/device",
6 "verificationUriComplete": "https://bootspring.dev/device?code=ABCD-1234",
7 "expiresIn": 900,
8 "interval": 5
9 }
10}Exchange Device Code#
POST /devices/tokenPoll this endpoint to exchange the device code for an access token.
Request Body#
| Field | Type | Required | Description |
|---|---|---|---|
clientId | string | Yes | Application identifier |
deviceCode | string | Yes | Device code from authorize |
grantType | string | Yes | Must be urn:ietf:params:oauth:grant-type:device_code |
Example Request#
1curl -X POST https://api.bootspring.dev/v1/devices/token \
2 -H "Content-Type: application/json" \
3 -d '{
4 "clientId": "bootspring-cli",
5 "deviceCode": "dev_code_xyz789...",
6 "grantType": "urn:ietf:params:oauth:grant-type:device_code"
7 }'Pending Response#
{
"error": "authorization_pending",
"error_description": "User has not yet authorized this device"
}Success Response#
1{
2 "data": {
3 "accessToken": "bsd_live_abc123...",
4 "tokenType": "Bearer",
5 "expiresIn": 31536000,
6 "scope": "read:projects write:projects invoke:agents",
7 "refreshToken": "bsr_xyz789...",
8 "device": {
9 "id": "dev_new123",
10 "name": "johns-macbook"
11 }
12 }
13}Rename Device#
PATCH /devices/:idRequest Body#
{
"name": "Work MacBook Pro"
}Response#
Returns the updated device object.
Device Limits by Plan#
| Plan | Max Devices |
|---|---|
| Free | 2 |
| Pro | 5 |
| Team | 20 per user |
| Enterprise | Unlimited |
Activity Tracking#
Each device tracks:
- Sessions: Number of CLI sessions
- Commands: Most used commands
- Projects: Projects accessed
- Location: Approximate location from IP
View activity:
GET /devices/:id/activity1{
2 "data": {
3 "sessions": {
4 "total": 45,
5 "lastWeek": 12,
6 "avgDuration": "15m"
7 },
8 "topCommands": [
9 { "command": "agent invoke", "count": 89 },
10 { "command": "skill apply", "count": 45 },
11 { "command": "generate", "count": 32 }
12 ],
13 "projectsAccessed": [
14 { "id": "proj_abc", "name": "My App", "count": 34 }
15 ]
16 }
17}Security#
Suspicious Activity Detection#
Bootspring monitors for:
- Logins from new locations
- Multiple failed authentication attempts
- Unusual access patterns
Automatic Revocation#
Devices may be automatically revoked for:
- 90 days of inactivity
- Security policy violations
- Account suspension
Errors#
| Code | Description |
|---|---|
device_not_found | Device doesn't exist |
device_limit_exceeded | Maximum devices reached |
authorization_pending | User hasn't authorized yet |
expired_token | Device code expired |
access_denied | User denied authorization |
slow_down | Polling too frequently |