diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
index 356b18657..9d286518f 100644
--- a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
+++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
@@ -68,6 +68,8 @@ public class ConfigurationPropertiesBean {
 private boolean dualClient = false;
 private boolean heartMode = false;
+
+ private boolean allowCompleteDeviceCodeUri = false;
 public ConfigurationPropertiesBean() {
@@ -257,4 +259,18 @@ public class ConfigurationPropertiesBean {
 public void setHeartMode(boolean heartMode) {
 this.heartMode = heartMode;
 }
+
+ /**
+ * @return the allowCompleteDeviceCodeUri
+ */
+ public boolean isAllowCompleteDeviceCodeUri() {
+ return allowCompleteDeviceCodeUri;
+ }
+
+ /**
+ * @param allowCompleteDeviceCodeUri the allowCompleteDeviceCodeUri to set
+ */
+ public void setAllowCompleteDeviceCodeUri(boolean allowCompleteDeviceCodeUri) {
+ this.allowCompleteDeviceCodeUri = allowCompleteDeviceCodeUri;
+ }
 }
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml
index e8059db8a..544f01c98 100644
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml
@@ -68,6 +68,10 @@ + + +
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java
index 9e2bac67f..9c54c9f07 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java
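Review bot: In ConfigurationPropertiesBean.java the Javadoc added on `isAllowCompleteDeviceCodeUri()` and `setAllowCompleteDeviceCodeUri()` only restates the field name and does not tell an operator what the switch trades away. Going by the DeviceEndpoint hunks of this commit, enabling it makes the server return `verification_uri_complete` and accept a `user_code` query parameter on the user page, so the code travels in a URL (where it can end up in browser history and request logs) and the user no longer types it in. I would say that on the setter, for example `Enables verification_uri_complete for the device flow: the user code is carried in the URL and pre-filled. Defaults to false; enable only if clients need it.` A matching one-line comment on the field declaration in the first hunk would help as well.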
@@ -138,18 +138,21 @@ public class DeviceEndpoint {
 try {
 DeviceCode dc = deviceCodeService.createNewDeviceCode(requestedScopes, client, parameters);
- URI verificationUriComplete = new URIBuilder(config.getIssuer() + USER_URL)
- .addParameter("user_code", dc.getUserCode())
- .build();
-
 Map response = new HashMap<>();
 response.put("device_code", dc.getDeviceCode());
 response.put("user_code", dc.getUserCode());
 response.put("verification_uri", config.getIssuer() + USER_URL);
- response.put("verification_uri_complete", verificationUriComplete);
 if (client.getDeviceCodeValiditySeconds() != null) {
 response.put("expires_in", client.getDeviceCodeValiditySeconds());
 }
+
+ if (config.isAllowCompleteDeviceCodeUri()) {
+ URI verificationUriComplete = new URIBuilder(config.getIssuer() + USER_URL)
+ .addParameter("user_code", dc.getUserCode())
+ .build();
+
+ response.put("verification_uri_complete", verificationUriComplete.toString());
+ }
 model.put(JsonEntityView.ENTITY, response);
@@ -175,8 +178,8 @@ public class DeviceEndpoint {
 @RequestMapping(value = "/" + USER_URL, method = RequestMethod.GET)
 public String requestUserCode(@RequestParam(value = "user_code", required = false) String userCode, ModelMap model, HttpSession session) {
- if (userCode == null) {
-
+ if (!config.isAllowCompleteDeviceCodeUri() || userCode == null) {
+ // if we don't allow the complete URI or we didn't get a user code on the way in,
 // print out a page that asks the user to enter their user code
 // user must be logged in
 return "requestUserCode";
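Review bot: In the second DeviceEndpoint hunk, the new guard in `requestUserCode` lets a `user_code` taken from the query string bypass the entry form whenever the flag is on, and the branch that then handles the code lies outside the hunk, so it is not visible whether the user is still shown the code and asked to confirm it. RFC 8628 (section 3.3.1) recommends that confirmation when `verification_uri_complete` is used, because without it a logged-in user who opens such a link approves whichever device the link belongs to without comparing anything. Please verify that the pre-filled path displays the code and requires an explicit confirmation before approval, and record the requirement at the guard, e.g. `// a user code received in the URL must still be displayed and confirmed by the user`.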