Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Office365 OAuth2 Client Credentials Flow for SMTP, IMAP, POP

See more Office365 Examples

Demonstrates how to get an OAuth2 access token using the Client Credentials flow for use with Office 365 in the SMTP, IMAP, and POP3 protocols.

This is a way of getting an OAuth2 access token for the O365 account you own, WITHOUT needing to grant access interactively via a browser.

Note: OAuth2 access tokens acquired using client credentials are not refreshed. This is because no interactive browser authentication was initially required. You can simply fetch another access token using client credentials using this sample code. Access tokens aquired using client credentials typically have a lifetime of 1 hour.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Http,
  Chilkat.HttpRequest,
  Chilkat.HttpResponse,
  Chilkat.FileAccess;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  http: THttp;
  req: THttpRequest;
  resp: THttpResponse;
  statusCode: Integer;
  fac: TFileAccess;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  Get an OAuth2 access token by sending a POST like this:

  //  	POST {tenant}/oauth2/v2.0/token
  //  	Host: login.microsoftonline.com
  //  	Content-Type: application/x-www-form-urlencoded
  //  
  //  	client_id=6731de76-14a6-49ae-97bc-6eba6914391e
  //  	&client_secret=*****************
  //  	&scope=https%3A%2F%2Foutlook.office365.com%2F.default
  //  	&grant_type=client_credentials

  http := THttp.Create;

  req := THttpRequest.Create;
  req.HttpVerb := 'POST';
  req.ContentType := 'application/x-www-form-urlencoded';

  //  ----------------------------------------------------------------------------------------
  //  Important:
  //  Your Azure Entra ID app must be explicitly setup to allow for the OAuth2 client credentials flow.
  //  Please follow the detailed guide for how to do it here:
  //  Office365 App Setup for SMTP, POP, IMAP OAuth2 Client Credentials
  //  
  //  Note: Your registered App must have the following permissions.
  //  For IMAP: IMAP.AccessAsApp
  //  For POP3: POP.AccessAsApp
  //  For SMTP: SMTP.SendAsApp
  //  ----------------------------------------------------------------------------------------

  //  Use the application ID for the client_id.
  //  (In Azure App Registrations, use the Application (client) ID)
  req.AddParam('client_id','CLIENT_ID');
  req.AddParam('client_secret','CLIENT_SECRET');
  req.AddParam('scope','https://outlook.office365.com/.default');
  req.AddParam('grant_type','client_credentials');

  //  Replace "{tenant}" with your tenant ID, such as "112d7ed6-71bf-4eba-a866-738364321bfc".req.HttpVerb = "POST";

  resp := THttpResponse.Create;
  success := http.HttpReq('https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token',req,resp);
  if (success = False) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  statusCode := resp.StatusCode;
  WriteLn('response status code: ' + statusCode);
  WriteLn('response body:');
  WriteLn(resp.BodyStr);

  //  The successful JSON response looks like this:

  //  {
  //    "token_type": "Bearer",
  //    "expires_in": 3599,
  //    "ext_expires_in": 3599,
  //    "access_token": "eyJ0eX...ZKaeSVSg"
  //  }

  //  Save the JSON to a file for future requests.
  //  The Office365 access token acquired by client credentials is typically valid for ..
  if (statusCode = 200) then
    begin
      fac := TFileAccess.Create;
      fac.WriteEntireTextFile('qa_data/tokens/office365.json',resp.BodyStr,'utf-8',False);
    end;


  http.Free;
  req.Free;
  resp.Free;
      fac.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.