[ https://issues.jboss.org/browse/TEIID-3763?page=com.atlassian.jira.plugin... ] Ramesh Reddy commented on TEIID-3763: ------------------------------------- OAuth10LoginModule and OAuth20LoginModule do the job of getting the "AccessToken" based on the "RefreshToken" obtained by the teiid-oauth-util.sh. So, Yes they are needed, so are the other properties. Look inside the "OAuth20CredentialImpl" and "OAuth10CredentialImpl" classes. teiid-oauth-util.sh "only" gets the "RefreshToken", that is does not the complete security. Also, the "AccessToken" does expire and can be revoked any time, in those situations the LoginModule re-negotiates a new AccessToken. As per per your UI comment, I have not thought about it yet. Yes it is already supported in WSManagedConnectionFactory, I am not sure what you mean by that comment. As per IronJacmar, I am not sure how that integrates, so I can not comment right now. -- This message was sent by Atlassian JIRA (v6.4.11#64026)