Currently we use PasswordGrantTokenProvider and basically just use its username/password settings. It also have settings for oauth client id/password which we never exposed and if not set client id in CFJC defaults to cf. Client id named cf is then used in a cli as well and it usually the one infra tooling set.

Usually for plain cli use you want token expiry times to relatively small. This causes issues with a machine code using CFJC as it doesn't to re-login and instance of CloudfoundryOperations stops working when refresh token gets expired.

If we expose these additional settings then user would have easier option to use different client it and thus set different token expire times so that you would not need to cause these changes to cli as well.

For example, when having a UAA setup for CF, you would not need to touch client id cf in it, instead create dedicated id solely for dataflow/deployer which mitigates risks of setting up long lasting refresh token for everyone.