TsgcHTTP_OAuth2_Client › Properties › OAuth2Options

OAuth2Options Property

Client identity and grant-type selection driving the OAuth 2.0 flow.

Syntax

property OAuth2Options: TsgcHTTPOAuth2_Options read FOAuth2Options write SetOAuth2Options;

Default Value

GrantType=auth2Code; all string fields empty.

Remarks

Publishes the parameters required by the authorization server to identify the client and pick the grant type:

• ClientId: identifier issued by the provider (mandatory).
• ClientSecret: shared secret issued by the provider (required by confidential clients and by auth2Code, auth2ClientCredentials, auth2ResourceOwnerPassword).
• Username / Password: resource-owner credentials used by auth2ResourceOwnerPassword; also used when the token endpoint requires HTTP Basic authentication.
• GrantType: authorization flow to execute. One of:
  • auth2Code – Authorization Code flow for trusted server-side apps.
  • auth2CodePKCE – Authorization Code with PKCE for native / SPA clients.
  • auth2ClientCredentials – machine-to-machine flow, no user interaction.
  • auth2ResourceOwnerPassword – direct username/password exchange (legacy).
  • auth2DeviceCode – Device Authorization Grant (RFC 8628) for browser-less devices.
• State: opaque value echoed by the authorization server; generated automatically when read and empty.

Example

oOAuth2.OAuth2Options.GrantType := auth2CodePKCE;
oOAuth2.OAuth2Options.ClientId := '180803918357-eqjtn20gqfhcs6gjkebbrrenh022mqqc.apps.googleusercontent.com';
oOAuth2.OAuth2Options.ClientSecret := '_by0iYYrvVHxC2Z8TbtNEYQN';

Back to Properties