◈ SecuriX
Guides

Device Flow Implementation

Learn how to connect users in CLI, IoT, and non-browser environments using Securix.

The Device Flow allows your users to authorize your application on devices that have limited input capabilities or lack a web browser (e.g., CLI tools, smart TVs, or hardware agents).

1. Initiate Device Authorization

Use @securix/core on your backend (or CLI) to create a device-specific auth session.

import { Securix } from "@securix/core";

const { authUrl, deviceAuthCode } = await Securix.auth.createSession({
  entityId: "cli_user_001",
  flow: "device",
  providers: {
    gmail: { scopes: ["https://www.googleapis.com/auth/gmail.readonly"] },
  },
});

console.log(`Scan the QR or visit: ${authUrl}`);
console.log(`Your activation code: ${deviceAuthCode}`);

2. Poll for Status

Unlike the popup flow, you must poll Securix to determine when the user has completed the authorization.

const pollAuthStatus = async (entityId: string) => {
  const checkInterval = setInterval(async () => {
    const { status, providers } = await Securix.auth.getStatus({
      entityId,
    });

    if (status === "AUTH_SUCCESS") {
      console.log("Authorization Successful!");
      console.log("Connected Providers:", providers);
      clearInterval(checkInterval);
    } else if (status === "AUTH_FAILURE") {
      console.log("Authorization Failed.");
      clearInterval(checkInterval);
    }
  }, 5000); // Poll every 5 seconds
};

pollAuthStatus("cli_user_001");

3. Usage

Once the status is AUTH_SUCCESS, your app can begin making proxied API calls using the securix-api-key, securix-agent-id and securix-entity-id as usual.

Just like the Popup flow, no tokens are stored locally on the device. All data access must go through the Securix Proxy using your API key and the user's entity ID.

→ Next: Official SDK Integration

Learn how to access data using official provider SDKs.

On this page

1. Initiate Device Authorization2. Poll for Status3. Usage