Poll for the minted API key
POST
/auth/device/token
const url = 'https://api.loomta.com/auth/device/token';const options = { method: 'POST', headers: {'Content-Type': 'application/json'}, body: '{"device_code":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://api.loomta.com/auth/device/token \ --header 'Content-Type: application/json' \ --data '{ "device_code": "example" }'Poll with the device_code from /auth/device/start. Returns the API key once the user approves. While pending, returns HTTP 400 with an error of authorization_pending, slow_down, expired_token, or access_denied (RFC 8628 §3.5). Honor the interval; back off on slow_down.
Request Bodyrequired
Section titled “Request Bodyrequired”Media typeapplication/json
object
device_code
required
string
Examplegenerated
{ "device_code": "example"}Responses
Section titled “Responses”Approved — the minted API key.
Media typeapplication/json
object
status
required
string
api_key
required
A loomta_sk_… key. Returned exactly once.
string
Example
{ "status": "approved"}Pending or terminal device-flow state.
Media typeapplication/json
object
error
required
string
Example
{ "error": "authorization_pending"}