diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 79ff704..1efdcf8 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -9,6 +9,16 @@ updates:
   commit-message:
     prefix: chore
     include: scope
+- package-ecosystem: gomod
+  target-branch: "2.12.x"
+  directory: "/"
+  schedule:
+    interval: daily
+    time: '04:00'
+  open-pull-requests-limit: 10
+  commit-message:
+    prefix: chore
+    include: scope
 - package-ecosystem: "github-actions"
   directory: "/"
   schedule:
diff --git a/example/client/device/device.go b/example/client/device/device.go
index bea6134..78ed2c8 100644
--- a/example/client/device/device.go
+++ b/example/client/device/device.go
@@ -1,3 +1,37 @@
+// Command device is an example Oauth2 Device Authorization Grant app.
+// It creates a new Device Authorization request on the Issuer and then polls for tokens.
+// The user is then prompted to visit a URL and enter the user code.
+// Or, the complete URL can be used instead to omit manual entry.
+// In practice then can be a "magic link" in the form or a QR.
+//
+// The following environment variables are used for configuration:
+//
+//	ISSUER: URL to the OP, required.
+//	CLIENT_ID: ID of the application, required.
+//	CLIENT_SECRET: Secret to authenticate the app using basic auth. Only required if the OP expects this type of authentication.
+//	KEY_PATH: Path to a private key file, used to for JWT authentication of the App. Only required if the OP expects this type of authentication.
+//	SCOPES: Scopes of the Authentication Request. Optional.
+//
+// Basic usage:
+//
+//	cd example/client/device
+//	export ISSUER="http://localhost:9000" CLIENT_ID="246048465824634593@demo"
+//
+// Get an Access Token:
+//
+//	SCOPES="email profile" go run .
+//
+// Get an Access Token and ID Token:
+//
+//	SCOPES="email profile openid" go run .
+//
+// Get an Access Token and Refresh Token
+//
+//	SCOPES="email profile offline_access" go run .
+//
+// Get Access, Refresh and ID Tokens:
+//
+//	SCOPES="email profile offline_access openid" go run .
 package main
 
 import (
@@ -57,5 +91,5 @@ func main() {
 	if err != nil {
 		logrus.Fatal(err)
 	}
-	logrus.Infof("successfully obtained token: %v", token)
+	logrus.Infof("successfully obtained token: %#v", token)
 }
diff --git a/pkg/client/rp/errors.go b/pkg/client/rp/errors.go
new file mode 100644
index 0000000..b95420b
--- /dev/null
+++ b/pkg/client/rp/errors.go
@@ -0,0 +1,5 @@
+package rp
+
+import "errors"
+
+var ErrRelyingPartyNotSupportRevokeCaller = errors.New("RelyingParty does not support RevokeCaller")
diff --git a/pkg/client/rp/relying_party.go b/pkg/client/rp/relying_party.go
index 5e6949f..04be4ef 100644
--- a/pkg/client/rp/relying_party.go
+++ b/pkg/client/rp/relying_party.go
@@ -4,7 +4,6 @@ import (
 	"context"
 	"encoding/base64"
 	"errors"
-	"fmt"
 	"net/http"
 	"net/url"
 	"time"
@@ -748,7 +747,7 @@ func RevokeToken(ctx context.Context, rp RelyingParty, token string, tokenTypeHi
 	if rc, ok := rp.(client.RevokeCaller); ok && rc.GetRevokeEndpoint() != "" {
 		return client.CallRevokeEndpoint(ctx, request, nil, rc)
 	}
-	return fmt.Errorf("RelyingParty does not support RevokeCaller")
+	return ErrRelyingPartyNotSupportRevokeCaller
 }
 
 func unauthorizedError(w http.ResponseWriter, r *http.Request, desc string, state string, rp RelyingParty) {