For security reasons it is recommended to use HTTPS in your production environment. If you will be using HTTPS as the transport protocol over which the OAuth2 access tokens will be granted authorization, you must set the parameters pg.oauth2.isHTTPS and pg.oauth2.ports as described in Administering webMethods Mediator.