Sample code for 30+ languages & platforms
PureBasic

Okta Client Credentials FLow

See more Okta OAuth/OIDC Examples

The Client Credentials flow is recommended for use in machine-to-machine authentication. Your application will need to securely store its Client ID and Secret and pass those to Okta in exchange for an access token. At a high-level, the flow only has two steps:
  • Your application passes its client credentials to your Okta authorization server.
  • If the credentials are accurate, Okta responds with an access token.

Note: This example uses "customScope". You'll replace it with whatever scope(s) you've defined for your app. Scopes are defined in your Authorization Server. See Okta Authorization Server / Scopes

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkHttpResponse.pb"
IncludeFile "CkHttp.pb"
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkHttpRequest.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    http.i = CkHttp::ckCreate()
    If http.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Implements the following CURL command:

    ; curl --request POST \
    ;   --url https://{yourOktaDomain}/oauth2/default/v1/token \
    ;   --header 'accept: application/json' \
    ;   --user "client_id:client_secret" \
    ;   --header 'cache-control: no-cache' \
    ;   --header 'content-type: application/x-www-form-urlencoded' \
    ;   --data 'grant_type=client_credentials&scope=customScope'

    CkHttp::setCkLogin(http, "client_id")
    CkHttp::setCkPassword(http, "client_secret")

    req.i = CkHttpRequest::ckCreate()
    If req.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkHttpRequest::setCkHttpVerb(req, "POST")
    CkHttpRequest::setCkPath(req, "/oauth2/default/v1/token")
    CkHttpRequest::setCkContentType(req, "application/x-www-form-urlencoded")
    CkHttpRequest::ckAddParam(req,"grant_type","client_credentials")
    CkHttpRequest::ckAddParam(req,"scope","customScope")

    CkHttpRequest::ckAddHeader(req,"accept","application/json")

    resp.i = CkHttpResponse::ckCreate()
    If resp.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkHttp::ckHttpReq(http,"https://{yourOktaDomain}/oauth2/default/v1/token",req,resp)
    If success = 0
        Debug CkHttp::ckLastErrorText(http)
        CkHttp::ckDispose(http)
        CkHttpRequest::ckDispose(req)
        CkHttpResponse::ckDispose(resp)
        ProcedureReturn
    EndIf

    sbResponseBody.i = CkStringBuilder::ckCreate()
    If sbResponseBody.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkHttpResponse::ckGetBodySb(resp,sbResponseBody)
    jResp.i = CkJsonObject::ckCreate()
    If jResp.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckLoadSb(jResp,sbResponseBody)
    CkJsonObject::setCkEmitCompact(jResp, 0)

    Debug "Response Body:"
    Debug CkJsonObject::ckEmit(jResp)

    respStatusCode.i = CkHttpResponse::ckStatusCode(resp)
    Debug "Response Status Code = " + Str(respStatusCode)
    If respStatusCode >= 400
        Debug "Response Header:"
        Debug CkHttpResponse::ckHeader(resp)
        Debug "Failed."
        CkHttp::ckDispose(http)
        CkHttpRequest::ckDispose(req)
        CkHttpResponse::ckDispose(resp)
        CkStringBuilder::ckDispose(sbResponseBody)
        CkJsonObject::ckDispose(jResp)
        ProcedureReturn
    EndIf

    ; Sample JSON response:
    ; (Sample code for parsing the JSON response is shown below)

    ; {
    ;   "access_token": "eyJraWQiO ... B2CnCLj7GRUW3mQ",
    ;   "token_type": "Bearer",
    ;   "expires_in": 3600,
    ;   "scope": "customScope"
    ; }

    ; Sample code for parsing the JSON response...
    ; Use the following online tool to generate parsing code from sample JSON:
    ; Generate Parsing Code from JSON

    access_token.s = CkJsonObject::ckStringOf(jResp,"access_token")
    token_type.s = CkJsonObject::ckStringOf(jResp,"token_type")
    expires_in.i = CkJsonObject::ckIntOf(jResp,"expires_in")
    scope.s = CkJsonObject::ckStringOf(jResp,"scope")


    CkHttp::ckDispose(http)
    CkHttpRequest::ckDispose(req)
    CkHttpResponse::ckDispose(resp)
    CkStringBuilder::ckDispose(sbResponseBody)
    CkJsonObject::ckDispose(jResp)


    ProcedureReturn
EndProcedure