=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/oauth2/OAuth2Client.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/oauth2/OAuth2Client.java	2015-06-24 05:11:33 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/oauth2/OAuth2Client.java	2015-06-24 05:47:58 +0000
@@ -45,15 +45,27 @@
 /**
  * @author Morten Olav Hansen <mortenoh@gmail.com>
  */
-@JacksonXmlRootElement( localName = "client", namespace = DxfNamespaces.DXF_2_0 )
+@JacksonXmlRootElement( localName = "oAuth2Client", namespace = DxfNamespaces.DXF_2_0 )
 public class OAuth2Client extends BaseIdentifiableObject
 {
+    /**
+     * client_id
+     */
     private String cid;
 
+    /**
+     * client_secret
+     */
     private String secret = UUID.randomUUID().toString();
 
+    /**
+     * List of allowed redirect URI targets for this client.
+     */
     private List<String> redirectUris = new ArrayList<>();
 
+    /**
+     * List of allowed grant types for this client.
+     */
     private List<String> grantTypes = new ArrayList<>();
 
     public OAuth2Client()

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java	2015-06-21 12:44:37 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java	2015-06-24 05:47:58 +0000
@@ -37,6 +37,7 @@
 import org.springframework.security.oauth2.provider.ClientRegistrationException;
 import org.springframework.security.oauth2.provider.client.BaseClientDetails;
 
+import java.util.HashSet;
 import java.util.Set;
 
 /**
@@ -47,13 +48,8 @@
     @Autowired
     private OAuth2ClientService oAuth2ClientService;
 
-    private final Set<String> GRANT_TYPES =
-        Sets.newHashSet( "password", "authorization_code", "refresh_token", "implicit" );
-
     private final Set<String> SCOPES = Sets.newHashSet( "ALL" );
 
-    private final Set<String> REDIRECT_URIS = Sets.newHashSet( "http://www.example.org" );
-
     @Override
     public ClientDetails loadClientByClientId( String clientId ) throws ClientRegistrationException
     {
@@ -77,9 +73,9 @@
         BaseClientDetails clientDetails = new BaseClientDetails();
         clientDetails.setClientId( client.getCid() );
         clientDetails.setClientSecret( client.getSecret() );
-        clientDetails.setAuthorizedGrantTypes( GRANT_TYPES );
+        clientDetails.setAuthorizedGrantTypes( new HashSet<>( client.getGrantTypes() ) );
         clientDetails.setScope( SCOPES );
-        clientDetails.setRegisteredRedirectUri( REDIRECT_URIS );
+        clientDetails.setRegisteredRedirectUri( new HashSet<>( client.getRedirectUris() ) );
 
         return clientDetails;
     }