Sample code for 30+ languages & platforms
Delphi DLL

SharePoint OAuth2 Client Credentials Authentication

Demonstrates how to authenticate with OAuth 2.0 using the client credentials grant type. This is for SharePoint Online which is the cloud-based service provided by Microsoft as part of Office 365. (Users access SharePoint Online through a web browser, and the service is hosted on Microsoft's servers.)

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, StringBuilder, JsonObject;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
http: HCkHttp;
jsonOAuthCC: HCkJsonObject;
sbJson: HCkStringBuilder;
statusCode: Integer;
jsonResp: HCkJsonObject;

begin
success := False;

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

http := CkHttp_Create();

// Provide the information needed for Chilkat to automatically fetch the OAuth2.0 
// access token as needed.
jsonOAuthCC := CkJsonObject_Create();

// --------------------------------------------------------------------------------------------------------
// You'll need to have registered an app in Azure beforehand.
// See How to Create SharePoint App Registration for OAuth 2.0 Client Credentials
// --------------------------------------------------------------------------------------------------------

// Use the values from your App Registration in Azure.
CkJsonObject_UpdateString(jsonOAuthCC,'client_id','CLIENT_ID');
CkJsonObject_UpdateString(jsonOAuthCC,'client_secret','SECRET_VALUE');

// You'll always use this scope for client credentials, because the allowed actions
// are determined by the App Permissions defined when you registered the app in Azure.
CkJsonObject_UpdateString(jsonOAuthCC,'scope','https://graph.microsoft.com/.default');

// The token endpoint includes your tenant ID. 
CkJsonObject_UpdateString(jsonOAuthCC,'token_endpoint','https://login.microsoftonline.com/TENANT_ID/oauth2/v2.0/token');

// Provide the OAuth2 information. Chilkat will use this information to automatically fetch the OAuth2 access token as needed,
CkHttp_putAuthToken(http,CkJsonObject__emit(jsonOAuthCC));

// Get information about all SharePoint sites.
sbJson := CkStringBuilder_Create();
success := CkHttp_QuickGetSb(http,'https://graph.microsoft.com/v1.0/sites/getAllSites',sbJson);
if (success = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

statusCode := CkHttp_getLastStatus(http);

Memo1.Lines.Add('Response status code = ' + IntToStr(statusCode));

if (statusCode <> 200) then
  begin
    Memo1.Lines.Add(CkStringBuilder__getAsString(sbJson));
    Memo1.Lines.Add('Failed.');
    Exit;
  end;

jsonResp := CkJsonObject_Create();
CkJsonObject_LoadSb(jsonResp,sbJson);
CkJsonObject_putEmitCompact(jsonResp,False);

Memo1.Lines.Add(CkJsonObject__emit(jsonResp));
Memo1.Lines.Add('Success.');

// Use this online tool to generate parsing code from sample JSON: 
// Generate Parsing Code from JSON

CkHttp_Dispose(http);
CkJsonObject_Dispose(jsonOAuthCC);
CkStringBuilder_Dispose(sbJson);
CkJsonObject_Dispose(jsonResp);

end;