OAuth2 support can be troublesome to configure due to the various actor implementations by different vendors. When client access is denied, you may need to troubleshoot your Spring OAuth2 configuration. It is often easier to setup a dedicated PAS for OpenEdge test instance, and enable full Spring Security and OpenEdge logging. It will produce large amounts of information, which can be filtered after you gain a better understanding of the problem area.

Open the $CATALINA_BASE/ablapps/abl-app-name/conf/logging-ablapp.xml file. Un-comment the following lines, and set their values to "DEBUG":

<logger name="org.springframework.security.oauth2" level="DEBUG" />
<logger name="org.springframework.security.jwt" level="DEBUG" />
<logger name="org.springframework" level="DEBUG"/>
<logger name="com.progress.appserv.services.security" level="DEBUG"/>