Sample code for 30+ languages & platforms
SQL Server

Hotmail OAuth2 Access Token for SMTP, IMAP, POP

See more OAuth2 Examples

Demonstrates how to get an OAuth2 access token for use in the SMTP, IMAP, and POP3 protocols for Hotmail.com, Live.com, and Outlook.com

Note: It is only the initial access token that must be obtained interactively using a browser (see the code and comments below). Once the initial OAuth2 access token is obtained, then it can refreshed indefinitely with no user interaction.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @oauth2 int
    EXEC @hr = sp_OACreate 'Chilkat.OAuth2', @oauth2 OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- This should be the port in the localhost callback URL for your app.  
    -- The callback URL would look like "http://localhost:3017/" if the port number is 3017.
    EXEC sp_OASetProperty @oauth2, 'ListenPort', 3017

    -- See Microsoft OAuth2 Authorization Endpoint
    EXEC sp_OASetProperty @oauth2, 'AuthorizationEndpoint', 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize'
    EXEC sp_OASetProperty @oauth2, 'TokenEndpoint', 'https://login.microsoftonline.com/common/oauth2/v2.0/token'

    -- Replace this with your actual App Registration's Application (client) ID.
    EXEC sp_OASetProperty @oauth2, 'ClientId', 'CLIENT_ID'

    -- This is for Require Proof Key for Code Exchange (PKCE)
    -- See OAuth2 PKCE Explained
    EXEC sp_OASetProperty @oauth2, 'CodeChallenge', 1
    EXEC sp_OASetProperty @oauth2, 'CodeChallengeMethod', 'S256'

    -- Provide a SPACE separated list of scopes.
    -- Important: The offline_access scope is needed to get a refresh token.
    EXEC sp_OASetProperty @oauth2, 'Scope', 'openid profile offline_access https://outlook.office.com/SMTP.Send https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All'

    -- ----------------------------------------------------------------------
    -- Note: It is only the initial access token that must be obtained interactively using a browser.  
    -- Once the initial OAuth2 access token is obtained, then it can refreshed indefinitely with no user interaction.
    -- ----------------------------------------------------------------------

    -- Begin the OAuth2 Authorization code flow.  This returns a URL that should be loaded in a browser.
    DECLARE @url nvarchar(4000)
    EXEC sp_OAMethod @oauth2, 'StartAuth', @url OUT
    EXEC sp_OAGetProperty @oauth2, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 <> 1
      BEGIN
        EXEC sp_OAGetProperty @oauth2, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END


    PRINT 'url = ' + @url

    -- Launch the default browser on the system and navigate to the url.
    -- The LaunchBrowser method was added in Chilkat v10.1.2.
    EXEC sp_OAMethod @oauth2, 'LaunchBrowser', @success OUT, @url
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @oauth2, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    -- Wait for the user to approve or deny authorization in the browser.
    DECLARE @numMsWaited int
    SELECT @numMsWaited = 0
    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    WHILE (@numMsWaited < 90000) and (@iTmp0 < 3)
      BEGIN
        EXEC sp_OAMethod @oauth2, 'SleepMs', NULL, 100
        SELECT @numMsWaited = @numMsWaited + 100
      END

    -- If the browser does not respond within the specified time, AuthFlowState will be:
    -- 
    -- 1: Waiting for Redirect - The OAuth2 background thread is waiting for the browser's redirect request.
    -- 2: Waiting for Final Response - The thread is awaiting the final access token response.
    -- In either case, cancel the background task initiated by StartAuth.

    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 < 3
      BEGIN
        EXEC sp_OAMethod @oauth2, 'Cancel', @success OUT

        PRINT 'No response from the browser!'
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    -- Check AuthFlowState to determine if authorization was granted, denied, or failed:
    -- 
    -- 3: Success - OAuth2 flow completed, the background thread exited, and the successful response is in AccessTokenResponse.
    -- 4: Access Denied - OAuth2 flow completed, the background thread exited, and the error response is in AccessTokenResponse.
    -- 5: Failure - OAuth2 flow failed before completion, the background thread exited, and error details are in FailureInfo.

    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 = 5
      BEGIN

        PRINT 'OAuth2 failed to complete.'
        EXEC sp_OAGetProperty @oauth2, 'FailureInfo', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 = 4
      BEGIN

        PRINT 'OAuth2 authorization was denied.'
        EXEC sp_OAGetProperty @oauth2, 'AccessTokenResponse', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 <> 3
      BEGIN

        EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
        PRINT 'Unexpected AuthFlowState:' + @iTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END


    PRINT 'OAuth2 authorization granted!'

    EXEC sp_OAGetProperty @oauth2, 'AccessToken', @sTmp0 OUT
    PRINT 'Access Token = ' + @sTmp0

    -- Get the full JSON response:
    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OAGetProperty @oauth2, 'AccessTokenResponse', @sTmp0 OUT
    EXEC sp_OAMethod @json, 'Load', @success OUT, @sTmp0
    EXEC sp_OASetProperty @json, 'EmitCompact', 0

    -- The JSON response looks like this:
    -- 
    -- {
    --   "token_type": "Bearer",
    --   "scope": "IMAP.AccessAsUser.All openid POP.AccessAsUser.All profile SMTP.Send email",
    --   "expires_in": 3599,
    --   "ext_expires_in": 3599,
    --   "access_token": "...",
    --   "refresh_token": "...",
    --   "id_token": "...",
    --   "expires_on": "1592748507"
    -- }

    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    PRINT @sTmp0

    -- Save the JSON to a file for future requests.
    DECLARE @fac int
    EXEC @hr = sp_OACreate 'Chilkat.FileAccess', @fac OUT

    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @fac, 'WriteEntireTextFile', @success OUT, 'qa_data/tokens/hotmail.json', @sTmp0, 'utf-8', 0

    EXEC @hr = sp_OADestroy @oauth2
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @fac


END
GO