SQL Server
SQL Server
Okta Client Credentials FLow
See more Okta OAuth/OIDC Examples
The Client Credentials flow is recommended for use in machine-to-machine authentication. Your application will need to securely store its Client ID and Secret and pass those to Okta in exchange for an access token. At a high-level, the flow only has two steps:- Your application passes its client credentials to your Okta authorization server.
- If the credentials are accurate, Okta responds with an access token.
Note: This example uses "customScope". You'll replace it with whatever scope(s) you've defined for your app. Scopes are defined in your Authorization Server. See Okta Authorization Server / Scopes
Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- This example assumes the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @http int
EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
-- Implements the following CURL command:
-- curl --request POST \
-- --url https://{yourOktaDomain}/oauth2/default/v1/token \
-- --header 'accept: application/json' \
-- --user "client_id:client_secret" \
-- --header 'cache-control: no-cache' \
-- --header 'content-type: application/x-www-form-urlencoded' \
-- --data 'grant_type=client_credentials&scope=customScope'
EXEC sp_OASetProperty @http, 'Login', 'client_id'
EXEC sp_OASetProperty @http, 'Password', 'client_secret'
DECLARE @req int
EXEC @hr = sp_OACreate 'Chilkat.HttpRequest', @req OUT
EXEC sp_OASetProperty @req, 'HttpVerb', 'POST'
EXEC sp_OASetProperty @req, 'Path', '/oauth2/default/v1/token'
EXEC sp_OASetProperty @req, 'ContentType', 'application/x-www-form-urlencoded'
EXEC sp_OAMethod @req, 'AddParam', NULL, 'grant_type', 'client_credentials'
EXEC sp_OAMethod @req, 'AddParam', NULL, 'scope', 'customScope'
EXEC sp_OAMethod @req, 'AddHeader', NULL, 'accept', 'application/json'
DECLARE @resp int
EXEC @hr = sp_OACreate 'Chilkat.HttpResponse', @resp OUT
EXEC sp_OAMethod @http, 'HttpReq', @success OUT, 'https://{yourOktaDomain}/oauth2/default/v1/token', @req, @resp
IF @success = 0
BEGIN
EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @req
EXEC @hr = sp_OADestroy @resp
RETURN
END
DECLARE @sbResponseBody int
EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbResponseBody OUT
EXEC sp_OAMethod @resp, 'GetBodySb', @success OUT, @sbResponseBody
DECLARE @jResp int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jResp OUT
EXEC sp_OAMethod @jResp, 'LoadSb', @success OUT, @sbResponseBody
EXEC sp_OASetProperty @jResp, 'EmitCompact', 0
PRINT 'Response Body:'
EXEC sp_OAMethod @jResp, 'Emit', @sTmp0 OUT
PRINT @sTmp0
DECLARE @respStatusCode int
EXEC sp_OAGetProperty @resp, 'StatusCode', @respStatusCode OUT
PRINT 'Response Status Code = ' + @respStatusCode
IF @respStatusCode >= 400
BEGIN
PRINT 'Response Header:'
EXEC sp_OAGetProperty @resp, 'Header', @sTmp0 OUT
PRINT @sTmp0
PRINT 'Failed.'
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @req
EXEC @hr = sp_OADestroy @resp
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
RETURN
END
-- Sample JSON response:
-- (Sample code for parsing the JSON response is shown below)
-- {
-- "access_token": "eyJraWQiO ... B2CnCLj7GRUW3mQ",
-- "token_type": "Bearer",
-- "expires_in": 3600,
-- "scope": "customScope"
-- }
-- Sample code for parsing the JSON response...
-- Use the following online tool to generate parsing code from sample JSON:
-- Generate Parsing Code from JSON
DECLARE @access_token nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @access_token OUT, 'access_token'
DECLARE @token_type nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @token_type OUT, 'token_type'
DECLARE @expires_in int
EXEC sp_OAMethod @jResp, 'IntOf', @expires_in OUT, 'expires_in'
DECLARE @scope nvarchar(4000)
EXEC sp_OAMethod @jResp, 'StringOf', @scope OUT, 'scope'
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @req
EXEC @hr = sp_OADestroy @resp
EXEC @hr = sp_OADestroy @sbResponseBody
EXEC @hr = sp_OADestroy @jResp
END
GO