This article makes a few base assumptions. It took me a little research to figure out how to do these things, and for everyone’s benefit I thought I’d write down and share what I had to do. Further, I want local hosts file resolution of my endpoints on the Android emulator so that I can use real host names in my application configuration. I always want to use https URL’s for my OAuth authorization and token endpoints, with correct security configuration in place to perform transport-level server certificate validation. when I’m flying from Australia to London…) This allows quick iterative testing, and gives me a completely standalone test environment that doesn’t have to be online (e.g. When writing mobile applications on Android that utilise the OAuth 2.0 capability of IBM Security Access Manager (or in fact any other interaction with WebSEAL from the Android emulator), I typically want to test my application against a virtual ISAM appliance running on my laptop.