From 68184aac3110b985b9457328d916e8a7df2a35d2 Mon Sep 17 00:00:00 2001
From: Hugh Nimmo-Smith <hughns@element.io>
Date: Mon, 15 Sep 2025 11:31:30 +0100
Subject: [PATCH] Add notes about alternatives

From https://github.com/matrix-org/matrix-spec-proposals/pull/4341#discussion_r2318641442
---
 proposals/4341-device-authorization-grant.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/proposals/4341-device-authorization-grant.md b/proposals/4341-device-authorization-grant.md
index 916693161..37219f188 100644
--- a/proposals/4341-device-authorization-grant.md
+++ b/proposals/4341-device-authorization-grant.md
@@ -148,6 +148,17 @@ Otherwise, none identified.
 
 I'm not aware of any other standardised OAuth grant types that would be suitable as an alternative.
 
+### Requiring support for the new grant type
+
+We could make it mandatory that new grant type is supported by Matrix homeservers.
+
+As currently proposed it is optional and discoverable via the `grant_types_supported` metadata.
+
+### Make `verification_uri_complete` be mandatory
+
+RFC 8628 makes makes `verification_uri_complete` optional, but we could make it mandatory. This could improve the UX for some
+use cases.
+
 ## Security considerations
 
 [RFC 8628 section 5](https://datatracker.ietf.org/doc/html/rfc8628#section-5) contains various security considerations