(DataFlex) Okta Client Credentials FLow

The Client Credentials flow is recommended for use in machine-to-machine authentication. Your application will need to securely store its Client ID and Secret and pass those to Okta in exchange for an access token. At a high-level, the flow only has two steps:

• Your application passes its client credentials to your Okta authorization server.
• If the credentials are accurate, Okta responds with an access token.

Note: This example uses "customScope". You'll replace it with whatever scope(s) you've defined for your app. Scopes are defined in your Authorization Server. See Okta Authorization Server / Scopes

For more information, see https://developer.okta.com/docs/guides/implement-client-creds/use-flow/

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

Use ChilkatAx-win32.pkg

Procedure Test
    Handle hoHttp
    Boolean iSuccess
    Variant vReq
    Handle hoReq
    Variant vResp
    Handle hoResp
    Variant vSbResponseBody
    Handle hoSbResponseBody
    Handle hoJResp
    Integer iRespStatusCode
    String sAccess_token
    String sToken_type
    Integer iExpires_in
    String sScope
    String sTemp1
    Boolean bTemp1

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatHttp)) To hoHttp
    If (Not(IsComObjectCreated(hoHttp))) Begin
        Send CreateComObject of hoHttp
    End

    // Implements the following CURL command:

    // curl --request POST \
    //   --url https://{yourOktaDomain}/oauth2/default/v1/token \
    //   --header 'accept: application/json' \
    //   --user "client_id:client_secret" \
    //   --header 'cache-control: no-cache' \
    //   --header 'content-type: application/x-www-form-urlencoded' \
    //   --data 'grant_type=client_credentials&scope=customScope'

    Set ComLogin Of hoHttp To "client_id"
    Set ComPassword Of hoHttp To "client_secret"

    Get Create (RefClass(cComChilkatHttpRequest)) To hoReq
    If (Not(IsComObjectCreated(hoReq))) Begin
        Send CreateComObject of hoReq
    End
    Set ComHttpVerb Of hoReq To "POST"
    Set ComPath Of hoReq To "/oauth2/default/v1/token"
    Set ComContentType Of hoReq To "application/x-www-form-urlencoded"
    Send ComAddParam To hoReq "grant_type" "client_credentials"
    Send ComAddParam To hoReq "scope" "customScope"

    Send ComAddHeader To hoReq "accept" "application/json"

    Get pvComObject of hoReq to vReq
    Get ComPostUrlEncoded Of hoHttp "https://{yourOktaDomain}/oauth2/default/v1/token" vReq To vResp
    If (IsComObject(vResp)) Begin
        Get Create (RefClass(cComChilkatHttpResponse)) To hoResp
        Set pvComObject Of hoResp To vResp
    End
    Get ComLastMethodSuccess Of hoHttp To bTemp1
    If (bTemp1 = False) Begin
        Get ComLastErrorText Of hoHttp To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbResponseBody
    If (Not(IsComObjectCreated(hoSbResponseBody))) Begin
        Send CreateComObject of hoSbResponseBody
    End
    Get pvComObject of hoSbResponseBody to vSbResponseBody
    Get ComGetBodySb Of hoResp vSbResponseBody To iSuccess
    Get Create (RefClass(cComChilkatJsonObject)) To hoJResp
    If (Not(IsComObjectCreated(hoJResp))) Begin
        Send CreateComObject of hoJResp
    End
    Get pvComObject of hoSbResponseBody to vSbResponseBody
    Get ComLoadSb Of hoJResp vSbResponseBody To iSuccess
    Set ComEmitCompact Of hoJResp To False

    Showln "Response Body:"
    Get ComEmit Of hoJResp To sTemp1
    Showln sTemp1

    Get ComStatusCode Of hoResp To iRespStatusCode
    Showln "Response Status Code = " iRespStatusCode
    If (iRespStatusCode >= 400) Begin
        Showln "Response Header:"
        Get ComHeader Of hoResp To sTemp1
        Showln sTemp1
        Showln "Failed."
        Send Destroy of hoResp
        Procedure_Return
    End

    Send Destroy of hoResp

    // Sample JSON response:
    // (Sample code for parsing the JSON response is shown below)

    // {
    //   "access_token": "eyJraWQiO ... B2CnCLj7GRUW3mQ",
    //   "token_type": "Bearer",
    //   "expires_in": 3600,
    //   "scope": "customScope"
    // }

    // Sample code for parsing the JSON response...
    // Use the following online tool to generate parsing code from sample JSON:
    // Generate Parsing Code from JSON

    Get ComStringOf Of hoJResp "access_token" To sAccess_token
    Get ComStringOf Of hoJResp "token_type" To sToken_type
    Get ComIntOf Of hoJResp "expires_in" To iExpires_in
    Get ComStringOf Of hoJResp "scope" To sScope


End_Procedure