Sample code for 30+ languages & platforms
Delphi DLL

Refresh a Dynamics CRM OAuth2 Access Token

See more OAuth2 Examples

Demonstrates how to refresh an expiring Dynamics CRM access token using the refresh token. endpoint.

(If a REST API call fails with a 401 unauthorized error, an application can auto-recover by refreshing the access token, and then re-send the request using the new token.)

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, CkDateTime, FileAccess, HttpResponse, HttpRequest, JsonObject, Http;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
json: HCkJsonObject;
dtExpire: HCkDateTime;
req: HCkHttpRequest;
http: HCkHttp;
resp: HCkHttpResponse;
fac: HCkFileAccess;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// We previously obtained an access token and saved the JSON to a file using this example:
// Get Dynamics CRM OAuth2 Access Token

// This example will examine the JSON and expiration date, and if near expiration will
// refresh the access token.

json := CkJsonObject_Create();
success := CkJsonObject_LoadFile(json,'qa_data/tokens/dynamicsCrm.json');
if (success <> True) then
  begin
    Exit;
  end;

// The contents of the JSON look like this:
// {
//   "token_type": "Bearer",
//   "scope": "user_impersonation",
//   "expires_in": "3599",
//   "ext_expires_in": "0",
//   "expires_on": "1524783438",
//   "not_before": "1524779538",
//   "resource": "https://mydomain.api.crm.dynamics.com",
//   "access_token": "...",
//   "refresh_token": "...",
//   "id_token": "..."
// }

// The "expires_on" value is a Unix time.
dtExpire := CkDateTime_Create();
CkDateTime_SetFromUnixTime(dtExpire,False,CkJsonObject_IntOf(json,'expires_on'));

// If this date/time expires within 10 minutes of the current system time, refresh the token.

// OK, we need to refresh the access token by sending a POST...
// 

req := CkHttpRequest_Create();
CkHttpRequest_AddParam(req,'grant_type','refresh_token');
CkHttpRequest_AddParam(req,'redirect_uri','http://localhost:3017/');
CkHttpRequest_AddParam(req,'client_id','DYNAMICS-CRM-CLIENT-ID');
CkHttpRequest_AddParam(req,'client_secret','DYNAMICS-CRM-SECRET-KEY');
CkHttpRequest_AddParam(req,'refresh_token',CkJsonObject__stringOf(json,'refresh_token'));
CkHttpRequest_AddParam(req,'resource','https://mydynamicsdomain.api.crm.dynamics.com');

http := CkHttp_Create();

CkHttpRequest_putHttpVerb(req,'POST');
CkHttpRequest_putContentType(req,'application/x-www-form-urlencoded');

resp := CkHttpResponse_Create();
success := CkHttp_HttpReq(http,'https://login.microsoftonline.com/DYNAMICS-ENDPOINT-GUID/oauth2/token',req,resp);
if (success = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

// Load the JSON response.
CkJsonObject_Load(json,CkHttpResponse__bodyStr(resp));
CkJsonObject_putEmitCompact(json,False);

// Show the JSON response.
Memo1.Lines.Add(CkJsonObject__emit(json));

Memo1.Lines.Add('Response status code: ' + IntToStr(CkHttpResponse_getStatusCode(resp)));

// If the response status code is not 200, then it's an error.
if (CkHttpResponse_getStatusCode(resp) <> 200) then
  begin
    Exit;
  end;

// If an "expires_on" member does not exist, then add the JSON member by
// getting the current system date/time and adding the "expires_in" seconds.
// This way we'll know when the token expires.
if (CkJsonObject_HasMember(json,'expires_on') <> True) then
  begin
    CkDateTime_SetFromCurrentSystemTime(dtExpire);
    CkDateTime_AddSeconds(dtExpire,CkJsonObject_IntOf(json,'expires_in'));
    CkJsonObject_AppendString(json,'expires_on',CkDateTime__getAsUnixTimeStr(dtExpire,False));
  end;

// Save the refreshed access token JSON to a file for future requests.
fac := CkFileAccess_Create();
CkFileAccess_WriteEntireTextFile(fac,'qa_data/tokens/dynamicsCrm.json',CkJsonObject__emit(json),'utf-8',False);

CkJsonObject_Dispose(json);
CkDateTime_Dispose(dtExpire);
CkHttpRequest_Dispose(req);
CkHttp_Dispose(http);
CkHttpResponse_Dispose(resp);
CkFileAccess_Dispose(fac);

end;