Question on access/refresh tokens and device code

[n-katti]

Hi all - I’m working on a personal project, and, admittedly, since I’m semi-new to all of this, this is the first time I’ve used OAuth 2.0

While I’ve hacked a solution together, I just want to check that there aren’t better ways I’m simply overlooking

Currently, I’m generating a device code via API, verifying/allowing access manually, and then generating an access_token and refresh_token via API. Questions:

1. Is there a way that I can perform these steps 100% automatically rather than the manual step of entering/verifying the device code? I couldn’t find this anywhere, and any endpoint I tried to use for this threw unauthorized errors before I’d manually verified my device
2. My assumption is that I can now use the refresh_token to generate a new access_token whenever I need - is that correct?
3. If I were to automate my script via container on ECS/EC2, would my access still work with the current access_token given it’s a different device than initially authenticated on?

Thank you! This is a fantastic tool, and I’m so thankful everyday for it

[rectifyer]

1. The user needs to approve the app's request to connect, no way around that.
2. Yes, you can get a new token. An access token is good for 3 months, so you should also save the expiration since there is no need to refresh it earlier.
3. Yes, the access token is tied to your app's token.