Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Okta: Use the Resource Owner Password Flow

See more Okta OAuth/OIDC Examples

Demonstrates how to get an access token using the Resource Owner Password Flow.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Http,
  Chilkat.HttpRequest,
  Chilkat.HttpResponse,
  Chilkat.StringBuilder,
  Chilkat.JsonObject;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  http: THttp;
  req: THttpRequest;
  resp: THttpResponse;
  sbResponseBody: TStringBuilder;
  jResp: TJsonObject;
  respStatusCode: Integer;
  access_token: string;
  token_type: string;
  expires_in: Integer;
  scope: string;
  id_token: string;

begin
  success := False;

  //  This example assumes the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  http := THttp.Create;

  //  Implements the following CURL command:

  //  curl --request POST \
  //    --url https://{yourOktaDomain}/oauth2/default/v1/token \
  //    --header 'accept: application/json' \
  //    --user "client_id:client_secret" \
  //    --header 'content-type: application/x-www-form-urlencoded' \
  //    --data 'grant_type=password&username=myUserEmail&password=myPassword&scope=openid'

  http.Login := 'client_id';
  http.Password := 'client_secret';

  req := THttpRequest.Create;
  req.HttpVerb := 'POST';
  req.Path := '/oauth2/default/v1/token';
  req.ContentType := 'application/x-www-form-urlencoded';
  req.AddParam('grant_type','password');
  req.AddParam('username','myUserEmail');
  req.AddParam('password','myPassword');
  req.AddParam('scope','openid');

  req.AddHeader('accept','application/json');

  resp := THttpResponse.Create;
  success := http.HttpReq('https://{yourOktaDomain}/oauth2/default/v1/token',req,resp);
  if (success = False) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  sbResponseBody := TStringBuilder.Create;
  resp.GetBodySb(sbResponseBody);
  jResp := TJsonObject.Create;
  jResp.LoadSb(sbResponseBody);
  jResp.EmitCompact := False;

  WriteLn('Response Body:');
  WriteLn(jResp.Emit());

  respStatusCode := resp.StatusCode;
  WriteLn('Response Status Code = ' + respStatusCode);
  if (respStatusCode >= 400) then
    begin
      WriteLn('Response Header:');
      WriteLn(resp.Header);
      WriteLn('Failed.');
      Exit;
    end;

  //  Sample JSON response:
  //  (Sample code for parsing the JSON response is shown below)

  //  {
  //    "access_token": "eyJraWQiOi ... jmiHD7wY9_gQ",
  //    "token_type": "Bearer",
  //    "expires_in": 3600,
  //    "scope": "openid",
  //    "id_token": "eyJraWQiOiJ ... W7KkWiPJnUSMoGw"
  //  }

  //  Sample code for parsing the JSON response...
  //  Use the following online tool to generate parsing code from sample JSON:
  //  Generate Parsing Code from JSON

  access_token := jResp.StringOf('access_token');
  token_type := jResp.StringOf('token_type');
  expires_in := jResp.IntOf('expires_in');
  scope := jResp.StringOf('scope');
  id_token := jResp.StringOf('id_token');


  http.Free;
  req.Free;
  resp.Free;
  sbResponseBody.Free;
  jResp.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.