diff --git a/Templates/ODataCustomAuthController.tpl b/Templates/ODataCustomAuthController.tpl
index e5b777a5..f3e7cb8a 100644
--- a/Templates/ODataCustomAuthController.tpl
+++ b/Templates/ODataCustomAuthController.tpl
@@ -1,4 +1,7 @@
 <CODEGEN_FILENAME>AuthenticationController.dbl</CODEGEN_FILENAME>
+<REQUIRES_USERTOKEN>CUSTOM_AUTH_CONTROLLER_PATH</REQUIRES_USERTOKEN>
+<REQUIRES_USERTOKEN>CUSTOM_AUTH_USERNAME</REQUIRES_USERTOKEN>
+<REQUIRES_USERTOKEN>CUSTOM_AUTH_PASSWORD</REQUIRES_USERTOKEN>
 ;;*****************************************************************************
 ;;
 ;; Title:       AuthenticationController.dbl
diff --git a/Templates/ODataCustomAuthTools.tpl b/Templates/ODataCustomAuthTools.tpl
index 844651f6..baa28bab 100644
--- a/Templates/ODataCustomAuthTools.tpl
+++ b/Templates/ODataCustomAuthTools.tpl
@@ -1,4 +1,7 @@
 <CODEGEN_FILENAME>AuthenticationTools.dbl</CODEGEN_FILENAME>
+<REQUIRES_USERTOKEN>CUSTOM_JWT_ISSUER</REQUIRES_USERTOKEN>
+<REQUIRES_USERTOKEN>CUSTOM_JWT_AUDIENCE</REQUIRES_USERTOKEN>
+<REQUIRES_USERTOKEN>CUSTOM_JWT_GETKEY</REQUIRES_USERTOKEN>
 ;;*****************************************************************************
 ;;
 ;; Title:       AuthenticationTools.dbl
@@ -35,8 +38,9 @@ namespace <NAMESPACE>
 
         public static method GetKey, [#]Byte
         proc
-            ;TODO: Obtain the private encryption key. PLEASE don't do it this way in production environments.
-            mreturn Encoding.UTF8.Getbytes("This is the secret value or password that is used as the encryption key. In production environments you should use something far more complex and random, and should not embed the value in source code like this. We recommend using some secure key storage mechanism such as Azure KeyVault. <GUID_NOBRACE>")
+            ;Obtain the private encryption key.
+            ;TODO: This is the secret value or password that is used as the encryption key. In production environments you should use something far more complex and random, and you SHOULD NOT embed the value in source code. We recommend using some secure key storage mechanism such as Azure KeyVault. 
+            mreturn <CUSTOM_JWT_GETKEY>
         endmethod
 
         private static ourKey, @SymmetricSecurityKey, new SymmetricSecurityKey(GetKey())
@@ -46,11 +50,6 @@ namespace <NAMESPACE>
             aTokenDuration, int
             ;;Cound add other parameters to pass in custom claims to be added to the JWT.
 
-            record
-                logical,    a40
-                loglen,     i4
-                tokdur,     d8
-
         proc
 
             ;;Token duration in hours
@@ -60,16 +59,19 @@ namespace <NAMESPACE>
                 tokenDuration = aTokenDuration
             else
             begin
+                data logical, a40
+                data loglen, i4
+                data tokdur, d8
                 xcall getlog('HARMONY_TOKEN_DURATION',logical,loglen)
-                if (loglen) then
+                if (loglen)
                 begin
                     tokdur = ^d(logical(1:loglen))
                     tokenDuration = tokdur
                     if (tokenDuration > 8767)
                         tokenDuration = 8767 ;max is 1 year
                 end
-                else
-                    tokenDuration = 0
+
+                ;; special cases for overriding default token duration
                 if(tokenDuration < 1)
                 begin
                     using aTokenDuration select