diff --git a/framework/src/Maveriks/WebApplication.php b/framework/src/Maveriks/WebApplication.php
index b5a985049..42fc81e1c 100644
--- a/framework/src/Maveriks/WebApplication.php
+++ b/framework/src/Maveriks/WebApplication.php
@@ -296,6 +296,9 @@ class WebApplication
 list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, '');
 $port = empty($port) ? '' : ";port=$port";
 Services\OAuth2\Server::setDatabaseSource(DB_USER, DB_PASS, DB_ADAPTER.":host=$host;dbname=".DB_NAME.$port);
+ if (DB_NAME != DB_RBAC_NAME) { //it's PM < 3
+ Services\OAuth2\Server::setDatabaseSourceRBAC(DB_RBAC_USER, DB_RBAC_PASS, DB_ADAPTER.":host=".DB_RBAC_HOST.";dbname=".DB_RBAC_NAME.$port);
+ }
 // Setting default OAuth Client id, for local PM Web Designer
 Services\OAuth2\Server::setPmClientId($pmOauthClientId);
diff --git a/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php b/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php
index 40aa21e68..dd1573aea 100644
--- a/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php
+++ b/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php
@@ -17,9 +17,10 @@ class PmPdo implements \OAuth2\Storage\AuthorizationCodeInterface,
 {
 protected $db;
+ protected $dbRBAC;
 protected $config;
- public function __construct($connection, $config = array())
+ public function __construct($connection, $config = array(), $connectionRBAC = null)
 {
 if (!$connection instanceof \PDO) {
 if (!is_array($connection)) {
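Review bot: In WebApplication.php the RBAC DSN uses `DB_RBAC_HOST` verbatim and then appends `$port`, which was parsed from `DB_HOST`; if the RBAC database listens on a different port, or `DB_RBAC_HOST` itself carries a `host:port` suffix, the OAuth user lookup is given a wrong or malformed DSN. Split `DB_RBAC_HOST` the same way the context lines split `DB_HOST`, e.g. `list($rbacHost, $rbacPort) = strpos(DB_RBAC_HOST, ':') !== false ? explode(':', DB_RBAC_HOST) : array(DB_RBAC_HOST, '');`, and build the RBAC DSN from `$rbacHost` and `";port=$rbacPort"`. The guard `DB_NAME != DB_RBAC_NAME` compares database names only, so an RBAC database with the same name on another host would be skipped; whether that configuration occurs is not visible here. The enclosing method starts and ends outside the hunk.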
@@ -37,6 +38,23 @@ class PmPdo implements \OAuth2\Storage\AuthorizationCodeInterface,
 }
 $this->db = $connection;
+ // it's for Pm < 3
+ if (!is_null($connectionRBAC) &&(!$connectionRBAC instanceof \PDO)) {
+ if (!is_array($connectionRBAC)) {
+ throw new \InvalidArgumentException('First argument to OAuth2\Storage\Pdo must be an instance of PDO or a configuration array');
+ }
+ if (!isset($connectionRBAC['dsn'])) {
+ throw new \InvalidArgumentException('configuration array must contain "dsn"');
+ }
+ // merge optional parameters
+ $connectionRBAC = array_merge(array(
+ 'username' => null,
+ 'password' => null,
+ ), $connectionRBAC);
+ $connectionRBAC = new \PDO($connectionRBAC['dsn'], $connectionRBAC['username'], $connectionRBAC['password']);
+ }
+ $this->dbRBAC = $connectionRBAC;
+
 // debugging
 $connection->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
@@ -217,6 +235,9 @@ class PmPdo implements \OAuth2\Storage\AuthorizationCodeInterface,
 public function getUser($username)
 {
 $stmt = $this->db->prepare($sql = sprintf('SELECT * FROM %s WHERE USR_USERNAME=:username', $this->config['user_table']));
+ if (!is_null($this->dbRBAC)) {
+ $stmt = $this->dbRBAC->prepare($sql = sprintf('SELECT * FROM %s WHERE USR_USERNAME=:username', $this->config['user_table']));
+ }
 $stmt->execute(array('username' => $username));
 if (!$userInfo = $stmt->fetch()) {
diff --git a/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php b/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php
index b2fc75a7b..fde833117 100644
--- a/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php
+++ b/workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php
@@ -29,6 +29,10 @@ class Server implements iAuthenticate
 protected static $dbUser;
 protected static $dbPassword;
 protected static $dsn;
+ protected static $dbUserRBAC;
+ protected static $dbPasswordRBAC;
+ protected static $dsnRBAC;
+ protected static $isRBAC = false;
 protected static $workspace;
 public function __construct()
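Review bot: In PmPdo::__construct, `ERRMODE_EXCEPTION` is applied only to `$connection` (the context line after the added block), so the new RBAC handle keeps PDO's default error mode; on PHP versions where that default is silent, a failed `prepare()` on `$this->dbRBAC` returns false instead of throwing, and the user lookup then fails differently from every other query in the class. Add `if ($this->dbRBAC !== null) { $this->dbRBAC->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION); }` after the assignment. The copied exception text still reads 'First argument to OAuth2\Storage\Pdo' although it now validates the third argument, which will mislead whoever debugs a bad RBAC configuration. The constructor begins and ends outside this hunk.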
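Review bot: getUser() always prepares the statement on `$this->db` and then, when an RBAC handle exists, discards it and prepares the identical SQL again on `$this->dbRBAC`. Choose the handle first, `$db = is_null($this->dbRBAC) ? $this->db : $this->dbRBAC;` followed by a single `$stmt = $db->prepare(...)`, so the query text exists once and the main database is not asked about a table it may not hold. Because this line decides which database credentials are checked against, a comment such as `// PM < 3 keeps the user table in the RBAC database` belongs here. Only getUser() is switched in the visible hunks, so any other method that reads the user table (outside this diff) should be checked as well; the method body continues past the hunk.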
@@ -42,9 +46,15 @@ class Server implements iAuthenticate
 );
 // $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"
- $config = array('dsn' => self::$dsn, 'username' => self::$dbUser, 'password' => self::$dbPassword);
- //var_dump($config); die;
- $this->storage = new PmPdo($config);
+ $cnn = array('dsn' => self::$dsn, 'username' => self::$dbUser, 'password' => self::$dbPassword);
+
+ if (self::$isRBAC) {
+ $config = array('user_table' => 'USERS');
+ $cnnrbac = array('dsn' => self::$dsnRBAC, 'username' => self::$dbUserRBAC, 'password' => self::$dbPasswordRBAC);
+ $this->storage = new PmPdo($cnn, $config, $cnnrbac);
+ } else {
+ $this->storage = new PmPdo($cnn);
+ }
 // Pass a storage object or array of storage objects to the OAuth2 server class
 $this->server = new \OAuth2\Server($this->storage, array('allow_implicit' => true));
@@ -112,6 +122,21 @@ class Server implements iAuthenticate
 }
 }
+ public static function setDatabaseSourceRBAC($user, $password = '', $dsn = '')
+ {
+ if (is_array($user)) {
+ self::$dbUserRBAC = $user['username'];
+ self::$dbPasswordRBAC = $user['password'];
+ self::$dsnRBAC = $user['dsn'];
+ self::$isRBAC = true;
+ } else {
+ self::$dbUserRBAC = $user;
+ self::$dbPasswordRBAC = $password;
+ self::$dsnRBAC = $dsn;
+ self::$isRBAC = true;
+ }
+ }
+
 public static function setWorkspace($workspace)
 {
 self::$workspace = $workspace;
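Review bot: In Server::__construct the branch depends on `self::$isRBAC`, which in the visible hunks is only ever set to true and never cleared. If one PHP process configures more than one workspace (not visible from this diff), a later workspace whose `DB_NAME` equals `DB_RBAC_NAME` would still look users up through the previous workspace's RBAC DSN. Clearing the flag where the main source is set, e.g. `self::$isRBAC = false;` at the top of `setDatabaseSource()` (outside this diff), keeps the two in step, since WebApplication calls `setDatabaseSource()` before the conditional `setDatabaseSourceRBAC()`. The constructor starts and ends outside the hunk.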
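Review bot: setDatabaseSourceRBAC() reads `$user['username']`, `$user['password']` and `$user['dsn']` without checking that they exist, and with the default `$dsn = ''` it still sets `$isRBAC = true`, so a partial call leaves the server pointed at an empty RBAC DSN that only fails later inside `new \PDO()`. Normalise the array form into the three values first, reject an empty DSN, and assign the statics once instead of repeating the four assignments in both branches. A short docblock stating that `$user` is either a username or an array with `username`, `password` and `dsn` keys would document the dual calling convention.

```php
public static function setDatabaseSourceRBAC($user, $password = '', $dsn = '')
{
    if (is_array($user)) {
        // Read dsn and password before $user is overwritten with the username.
        $dsn = isset($user['dsn']) ? $user['dsn'] : '';
        $password = isset($user['password']) ? $user['password'] : '';
        $user = isset($user['username']) ? $user['username'] : '';
    }
    if ($dsn === '') {
        throw new \InvalidArgumentException('RBAC data source requires a non-empty "dsn"');
    }
    self::$dbUserRBAC = $user;
    self::$dbPasswordRBAC = $password;
    self::$dsnRBAC = $dsn;
    self::$isRBAC = true;
}
```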