Delphi
Download TMS Sphinx v2.0.0.0 Source Code Feb 2026 Delphi 10-13
Delphi framework for Identity Access Management, including authorization and authentication. OAuth2 compliant authorization mechanism, supporting grants: implicit, client credentials and authorization code with PKCE (Proof Key for Code Exchange). Follows OpenI...
Description
Delphi framework for Identity Access Management, including authorization and authentication. OAuth2 compliant authorization mechanism, supporting grants: implicit, client credentials and authorization code with PKCE (Proof Key for Code Exchange). Follows OpenID Connect specification for login workflow and identity token issuance.
Build your SSO Auth server in minutes, with non-visual components based on TMS Sparkle and TMS XData technologies.
Build-in optional self-user registration feature provides GUI allowing users to sign up for your software.
Make sure your users are real ones by requiring e-mail confirmation.
Full-features user interface includes a “forgot password” that allows users to recover the password themselves.
Both web and native applications are supported. Add authentication to your native applications using standard OAuth 2 flow.
Protecting your client applications by requiring users to login is as simple as dropping and configuring a non-visual TSphinxLogin component in the form
v2.0
New : Single Sign-On (SSO) support across client applications.
New : Several languages added to the login web application. Now the login application is fully localized in over 20 languages.
New : Refresh token support is now implemented, including refresh token rotation, single-use tokens, reuse detection, and scope reduction.
New : OIDC prompt parameter support in the authorize endpoint.
Improved : Transaction expired message is now more user friendly with automatic silent refresh.
Improved : Sphinx login app and the full authentication flow now works from internal networks without internet access.
Improved : Session cookie now includes SameSite=Lax attribute for improved CSRF protection.
Improved : Refer to official documentation for the list of new features and improvements
Improved : OpenID Connect metadata discovery endpoint now includes token_endpoint_auth_methods_supported property.
Improved : Login web application now works much better with screen readers using ARIA attributes.
Improved : Login web application CSS framework updated to latest version of Bootstrap 5.
Improved : Increased overall security of the login process, including improved CSP headers and other improvements.
Improved : Added new TSphinxClientApp.ClientAppUrl property for session expired redirect.
Fixed : Error from ticket 25319 regarding missing required parameter tid should now be properly fixed.