From sgcWebSockets 2026.1.0 Azure AMQP 1.0 supports CBS Authentication using SAS Tokens and JWT. Azure Service Bus implements Claims-Based Security (CBS) over AMQP to authorize senders and receivers after the initial SASL handshake. The client opens a management link to the $cbs node and sends a put-token request containing either a Shared Access S...

The 2025.10.0 release of sgcWebSockets elevates Model Context Protocol (MCP) connectivity with a hardened authentication layer for both client and server components. This article highlights how the new capabilities combine enterprise-grade access control with the rapid development workflow Delphi teams expect from sgcWebSockets. What is new Dual en...

In MCP, resources represent addressable data objects that the server exposes such as files, database records, generated documents, or dynamic API outputs. They are client-controlled, meaning the client can decide which resource to request and how to interpret the content. The two main methods involved are: resources/list: Requests the list of all a...

The latest release of sgcWebSockets 2025.9.0 introduces a game-changing feature for AI developers and system integrators — full support for the Model Context Protocol (MCP). This innovation marks a major leap forward in how sgcWebSockets connects your AI-driven applications to the real world — from CRMs and databases to custom business tools. ...

With sgcWebSockets 2025.9.0, the Model Context Protocol (MCP) server now supports Prompt Requests, enabling AI clients to query and render dynamic prompt templates. This capability makes it possible to expose reusable AI prompts (like "summarize text" or "review code") directly through WebSockets using the MCP standard. What Are MCP Prompt Requests...

With the release of sgcWebSockets 2025.9.0, developers can now integrate Model Context Protocol (MCP) functionality directly into their servers. This includes the ability to handle MCP Tool Requests, a key component of enabling dynamic and intelligent communication between AI models and backend services. This guide will walk you through how MCP Too...

The sgcWebSockets library supports multiple authentication methods to secure WebSocket communication in Delphi and C++Builder applications. Since the WebSocket protocol itself doesn't define an authentication mechanism, sgcWebSockets implements its own set of techniques suitable for both server and client sides. Supported Authentication Types The l...

When using the Indy WebSocket server for TCP Connections, by default the OnConnect event is only fired after the first message is received because there is no way to filter if the connection is plain TCP, websocket, HTTP... in cases where all connections are expected to be TCP, now you can handle the event OnTCPConnect and set the transport to trpT...

WebAuthn (Web Authentication) is a W3C standard that enables secure, passwordless, and phishing-resistant authentication using public-key cryptography. It's widely used with passkeys to improve security and user experience. However, authenticating users with WebAuthn is just the first step — after successful authentication, you often need to author...

WebAuthn is the authentication layer of the FIDO2 standard. Instead of depending on user‑remembered secrets, it employs asymmetric cryptography. During registration, a user's authenticator (hardware key, secure enclave, TPM, etc.) generates a private–public key pair scoped to the relying party domain. The browser sends the public key and attestatio...

 Similar to the Chat Completions API, the Assistants API supports function calling. Function calling allows you to describe functions to the Assistants API and have it intelligently return the functions that need to be called along with their arguments. In this example, we'll create a weather assistant and define two functions, get_current_tem...

From sgcWebSockets 2025.4.0 Enterprise, the  WebAuthn Protocol is supported (currently in BETA).  WebAuthn (Web Authentication) is a web standard developed by the World Wide Web Consortium (W3C) and FIDO Alliance to enable secure, passwordless authentication on the web. It is part of the broader FIDO2 framework and aims to reduce rel...

By default the TsgcHTTP1client uses blocking requests, so after calling an HTTP Request method, the client waits the response from the server. From sgcWebSockets 2025.3.0 you can use Asynchronous methods to execute these HTTP Requests in a secondary thread avoiding to block the thread where the requests is called. The following asynchronous methods...

By Default Indy defines the most common openssl functions needed to encrypt the communications, but sometimes you need more functions for encryption, signing... From sgcIndy 2025.3.0 you can use the new method IdOpenSSLSetLoadFuncsCallback to assign a callback for loading additional OpenSSL functions dynamically. IdOpenSSLSetLoadFuncsCall...

The OpenAI Assistant Client has been improved to implement the streaming responses when calling a run thread. Before this new feature, it requires to poll the run object status till it's completed. Now you can use the new Stream events to handle the streaming messages. Streaming Events Instead of waiting the full response from the assistant, y...

From sgcWebSockets 2024.10.0 you can use the OpenAI Assistants to search in your own files instead of using the generic model. File Search augments the Assistant with knowledge from outside its model, such as proprietary product information or documents provided by your users. OpenAI automatically parses and chunks your documents, creates and store...

From sgcOpenAPI 2024.9.0 the parser has been improved with the following new features: - Bundle Specification: if the specification is built with multiple schemas, the parser can bundle into a single specification file. - Output Parser Parameters: when creating the pascal interface, the parameters used to import the specifications are written in th...

OpenSSL 3.0 moved several deprecated or insecure algorithms into an internal library module called legacy provider. It is not loaded by default, so apps (or their language runtimes) that use OpenSSL for cryptographic operations cannot use such algorithms when loading certificates, creating message digests ... If you try to load a p12 certificate fo...

From sgcWebSockets 2024.5.0 PKCE, which stands for "Proof of Key Code Exchange" is an extension of the OAuth 2.0 protocol that helps prevent code interception attacks. PKCE is supported on OAuth2 Server and Client Components. What is PKCE PKCE (Proof Key for Code Exchange) is an OAuth 2.0 security enhancement designed to protect against a...

While the openSSL libraries 1.0 and 1.1 are not receiving any more updates, users should consider to use the latest openSSL 3.0 or 3.1 APIs.  Find below the differences between 3.0 and 3.1: OpenSSL 3.0 is a Long Term Support version and will be supported till 7th September 2026.OpenSSL 3.1 will be supported till 14th March 2025....