--- title: Configuring a redirect for a device custom verification URI description: Configure a redirect for a device custom verification URI to which PingOne forwards the OIDC response after authentication. component: pingone page_id: pingone:applications:p1_configure_redirect_device_custom_verification_uri canonical_url: https://docs.pingidentity.com/pingone/applications/p1_configure_redirect_device_custom_verification_uri.html revdate: February 10, 2025 section_ids: steps: Steps example: Example: next-steps: Next steps --- # Configuring a redirect for a device custom verification URI If the **Device Custom Verification URI** setting is configured for a device authorization application, you must configure a redirect to which PingOne forwards the OIDC response after authentication. The format of the redirect depends on a combination of two factors: * Is a custom domain configured for the environment? * Is the **Device Path ID** configured for the application? ## Steps * Configure your redirects based on the information in the following table: **Redirect formats for device custom verification URI** | Custom domain configured for the environment? | Device Path ID configured? | Valid formats for redirects | | --------------------------------------------- | -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Yes | Yes | * https\://\/device/\?user\_code=\ * https\://\/device/\ * https\://\/device/\?user\_code=\ * https\://\/device/\ * https\://\/device?user\_code=\ * https\://\/device | | Yes | No | - https\://\/device/\?user\_code=\ - https\://\/device/\ - https\://\/device?user\_code=\ - https\://\/device | | No | Yes | * https\://auth.pingone.\/device/\?user\_code=\ * https\://auth.pingone.\/device/\ * https\://auth.pingone.\/device/\?user\_code=\ * https\://auth.pingone.\/device/\ * https\://auth.pingone.\/device?user\_code=\ * https\://auth.pingone.\/device | | No | No | - https\://auth.pingone.\/device/\?user\_code=\ - https\://auth.pingone.\/device/\ - https\://auth.pingone.\/device?user\_code=\ - https\://auth.pingone.\/device | | | | | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | The clientId path is safer because that value doesn't change (devicePathId can change). In addition, a redirect to `/device` without a clientId or devicePathId is not recommended because the application's configured sign-on policy can't be used. However, if you use the same **Device Custom Verification URI** value for two separate applications, then a redirect to `/device` is needed, and the flow uses the environment's default sign-on policy. | ### Example: For example, if the custom domain for the environment is set to `acme-corporation.com`, the **Device Custom Verification URI** for the application is set to `https://acme.com/go`, and the client ID for the application is `c78dbdd0-cc2c-42fa-b275-486503c30d2b`, the workflow is: 1. The end user enters the short URL, such as `https://acme.com/go`, in a browser to start the activation flow. 2. Outside of PingOne, the administrator has configured the following redirect to redirect the browser and start the device authorization flow: `https://acme-corporation.com/device/c78dbdd0-cc2c-42fa-b275-486503c30d2b`. 3. In PingOne, the flow redirects to https\://acme-corporation.com/signon?flowId=03f3581c-7fee-4bf5-adb1-ed056d31ce91 to start the PingOne flow. ## Next steps Learn more about configuring your device authorization application in [Editing an application - Device authorization](p1_edit_application_device_auth.html).