TsgcHTTP_OAuth2_Server › Properties › OAuth2Options
Authorization-server configuration: endpoint URLs, token lifetimes, PKCE, DPoP, revocation, introspection and device-code settings.
property OAuth2Options: TsgcHTTPOAuth2Server_Options read FOAuth2Options write SetOAuth2Options;PKCE=True; DPoP=False; default endpoints under /sgc/oauth2/*.
Groups the published sub-properties that tune how the OAuth 2.0 authorization server issues and validates tokens:
/sgc/oauth2/auth./sgc/oauth2/token.Enabled toggles the endpoint; URL defaults to /sgc/oauth2/revoke.Enabled toggles the endpoint; URL defaults to /sgc/oauth2/introspect.Enabled, URL (default /sgc/oauth2/device), VerificationURL (default /sgc/oauth2/device/verify), ExpiresIn (default 600 s) and polling Interval (default 5 s).code_challenge/code_verifier pair.OnOAuth2ValidateDPoP for custom proof validation.Apps (ClientId/ClientSecret/RedirectURI/AllowedGrantTypes) and JWKS/provider metadata are handled on the component's Apps and related properties, not under OAuth2Options.
OAuth2.OAuth2Options.Authorization.URL := '/sgc/oauth2/auth';
OAuth2.OAuth2Options.Token.URL := '/sgc/oauth2/token';
OAuth2.OAuth2Options.PKCE := True;
OAuth2.OAuth2Options.DPoP := True;
OAuth2.OAuth2Options.Revocation.Enabled := True;
OAuth2.OAuth2Options.Introspection.Enabled := True;
OAuth2.OAuth2Options.DeviceAuthorization.Enabled := True;
OAuth2.OAuth2Options.DeviceAuthorization.ExpiresIn := 600;
OAuth2.OAuth2Options.DeviceAuthorization.Interval := 5;