Sample code for 30+ languages & platforms
SQL Server

POST application/x-www-form-urlencoded Two Ways

See more HTTP Examples

This example explains how a POST with params can be formatted in different ways. Params can be encoded in the URL, in which case they appear in the "start line" of the HTTP request, or params can be placed within the body of the request. A properly implemented server SHOULD accept both -- it SHOULD make no difference where the params are located. They are simply the params of a POST. But alas, many servers are not, and we need to cope with the particulars..

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- We start with this CURL statement:

    -- curl -X POST "https://xyz.softeon.com/api/token?grant_type=client_credentials&resource=https://xyz.softeon.com/resources&scope=openid&client_id=AAA&client_secret=BBB" -H "Content-Type: application/x-www-form-urlencoded"

    -- Postman would send the following request:

    -- POST /api/token?grant_type=client_credentials&resource=https://xyz.softeon.com/resources&scope=openid&client_id=AAA&client_secret=BBB HTTP/1.1
    -- Content-Type: application/x-www-form-urlencoded
    -- User-Agent: PostmanRuntime/7.26.8
    -- Accept: */*
    -- Cache-Control: no-cache
    -- Postman-Token: 719e6ada-5b0e-4d3f-8166-37433efdcaa1
    -- Host: xyz.softeon.com
    -- Accept-Encoding: gzip, deflate, br
    -- Connection: keep-alive
    -- Content-Length: 0

    -- We can see that the params are located in the "start line" of the HTTP request, and the request has no body (the Content-Length is 0).

    -- You can use Chilkat's online tool to generate the code for the above CURL statement.
    -- Generate Source Code from CURL Statement
    -- 

    -- Here's the generated code:

    DECLARE @http int
    EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- We can see the exact HTTP request sent by setting a session log filename:
    EXEC sp_OASetProperty @http, 'SessionLogFilename', 'qa_output/sessionLog.txt'

    EXEC sp_OAMethod @http, 'SetRequestHeader', NULL, 'Content-Type', 'application/x-www-form-urlencoded'

    DECLARE @resp int
    EXEC @hr = sp_OACreate 'Chilkat.HttpResponse', @resp OUT

    EXEC sp_OAMethod @http, 'HttpNoBody', @success OUT, 'POST', 'https://xyz.softeon.com/api/token?grant_type=client_credentials&resource=https://xyz.softeon.com/resources&scope=openid&client_id=AAA&client_secret=BBB', @resp
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @resp
        RETURN
      END


    PRINT 'Response body:'
    EXEC sp_OAGetProperty @resp, 'BodyStr', @sTmp0 OUT
    PRINT @sTmp0

    -- Here's what is sent by Chilkat.  It is essentially the same thing:

    -- POST /api/token?grant_type=client_credentials&resource=https://xyz.softeon.com/resources&scope=openid&client_id=AAA&client_secret=BBB HTTP/1.1
    -- Host: xyz.softeon.com
    -- Accept: */*
    -- Accept-Encoding: gzip
    -- Content-Type: application/x-www-form-urlencoded
    -- Content-Length: 0

    -- -------------------------------------------------------------------------------------------------------------------------------------------------
    -- Now let's look at the alternative way of sending a POST application/x-www-form-urlencoded,
    -- where the params are contained within the body of the request.

    -- curl -X POST  https://xyz.softeon.com/api/token \
    -- -H 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' \
    -- -d 'grant_type=client_credentials' \
    -- -d 'resource=https://xyz.softeon.com/resources' \
    -- -d 'scope=openid' \
    -- -d 'client_id=AAA' \
    -- -d 'client_secret=BBB'

    -- The Chilkat tool at https://tools.chilkat.io/curlHttp.cshtml
    -- generates the following code:
    -- (We changed the names of the variables to keep things entirely separate from the above code.)

    DECLARE @httpB int
    EXEC @hr = sp_OACreate 'Chilkat.Http', @httpB OUT

    EXEC sp_OASetProperty @httpB, 'SessionLogFilename', 'qa_output/sessionLogB.txt'

    DECLARE @reqB int
    EXEC @hr = sp_OACreate 'Chilkat.HttpRequest', @reqB OUT

    EXEC sp_OASetProperty @reqB, 'HttpVerb', 'POST'
    EXEC sp_OASetProperty @reqB, 'Path', '/api/token'
    EXEC sp_OASetProperty @reqB, 'ContentType', 'application/x-www-form-urlencoded'
    EXEC sp_OAMethod @reqB, 'AddParam', NULL, 'grant_type', 'client_credentials'
    EXEC sp_OAMethod @reqB, 'AddParam', NULL, 'resource', 'https://xyz.softeon.com/resources'
    EXEC sp_OAMethod @reqB, 'AddParam', NULL, 'scope', 'openid'
    EXEC sp_OAMethod @reqB, 'AddParam', NULL, 'client_id', 'AAA'
    EXEC sp_OAMethod @reqB, 'AddParam', NULL, 'client_secret', 'BBB'

    DECLARE @respB int
    EXEC @hr = sp_OACreate 'Chilkat.HttpResponse', @respB OUT

    EXEC sp_OAMethod @httpB, 'HttpReq', @success OUT, 'https://xyz.softeon.com/api/token', @reqB, @respB
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @httpB, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @resp
        EXEC @hr = sp_OADestroy @httpB
        EXEC @hr = sp_OADestroy @reqB
        EXEC @hr = sp_OADestroy @respB
        RETURN
      END


    PRINT 'Response body:'
    EXEC sp_OAGetProperty @respB, 'BodyStr', @sTmp0 OUT
    PRINT @sTmp0

    -- Looking at the sessionLogB.txt, we can see the following HTTP POST was sent:

    -- POST /api/token HTTP/1.1
    -- Host: xyz.softeon.com
    -- Content-Type: application/x-www-form-urlencoded
    -- Content-Length: 134
    -- 
    -- grant_type=client_credentials&resource=https%3A%2F%2Fxyz.softeon.com%2Fresources&scope=openid&client_id=AAA&client_secret=BBB

    -- --
    -- Notice how the params are sent in the body of the request.  The Content-Length is now non-zero, and the params are not present in the start-line of the HTTP request.
    -- Technically, this SHOULD be equivalent to the above request where the params are in the start-line.
    -- Unfortunately, many servers are brittle and stupid and want the POST to be in a particular form.

    EXEC @hr = sp_OADestroy @http
    EXEC @hr = sp_OADestroy @resp
    EXEC @hr = sp_OADestroy @httpB
    EXEC @hr = sp_OADestroy @reqB
    EXEC @hr = sp_OADestroy @respB


END
GO