Thank you for your help so far, 2 minor issues:
Should TsgcHTTPComponentServer_OAuth2.AddToken not have "Scope" included as parameter:
If a token is saved and then loaded again, it doesn't have the same scope and errors with "Scope is different from previous value Administrator" in TsgcHTTPComponentServer_OAuth2.GetJSONAccessToken, if I overload and add "Scope" it works fine.
Also the line "if aExpires > Now then" in TsgcHTTPComponentServer_OAuth2.AddToken prevents the adding of expired tokens:
Although the AccessToken has expired, the RefreshToken is still valid, not adding when reloading saved tokens results in "Refresh Token not found"