Poll for the customer’s decision per RFC 8628 §3.5.
HTTP 200 + RFC 6749 §5.1 success body when the agent token is minted; HTTP 400 + RFC 6749 §5.2 error body for every other state:
authorization_pending customer hasn’t decided yet access_denied customer denied expired_token consent code expired before claim invalid_grant unknown / malformed device_code already_claimed agent already polled successfully (Stella ext)
Stock OAuth client libraries that read access_token on 200 and
error on 4xx work out of the box. The success body adds Stella
extensions agent_name and budget_cents so the agent doesn’t
need a second call to learn the consent shape (RFC 6749 §5.1
explicitly allows extension parameters).
Documentation Index
Fetch the complete documentation index at: https://docs.stella-commerce.com/llms.txt
Use this file to discover all available pages before exploring further.
Agent → Stella: poll for consent decision.
8 - 200Successful Response
Stella → agent: HTTP 200 success body per RFC 6749 §5.1.
scope is space-separated (NOT a JSON array) per spec. expires_in
is relative seconds (NOT a timestamp). Stella-specific extension
fields agent_name and budget_cents carry the consent shape so
the agent doesn't need a second call.