diff --git a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/AppContextListener.java b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/AppContextListener.java
index 1fe4a2ff71..bd6a395242 100755
--- a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/AppContextListener.java
+++ b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/AppContextListener.java
@@ -41,6 +41,7 @@ public class AppContextListener implements ServletContextListener {
         }
         ServletOAuthClientBuilder.build(is, oauthClient);
         logger.info("OAuth client configured and started");
+        oauthClient.start();
     }
 
     @Override
diff --git a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
index 6b96f6a97f..0a440374b8 100755
--- a/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
+++ b/examples/demo-template/third-party-cdi/src/main/java/org/keycloak/example/oauth/DatabaseClient.java
@@ -6,6 +6,8 @@ import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.jboss.logging.Logger;
+import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
 import org.keycloak.servlet.ServletOAuthClient;
 import org.keycloak.util.JsonSerialization;
 import org.keycloak.util.UriUtils;
@@ -104,18 +106,8 @@ public class DatabaseClient {
     }
 
     public String getBaseUrl() {
-        switch (oauthClient.getRelativeUrlsUsed()) {
-            case ALL_REQUESTS:
-                // Resolve baseURI from the request
-                return UriUtils.getOrigin(request.getRequestURL().toString());
-            case BROWSER_ONLY:
-                // Resolve baseURI from the codeURL (This is already non-relative and based on our hostname)
-                return UriUtils.getOrigin(oauthClient.getTokenUrl());
-            case NEVER:
-                return "";
-            default:
-                return "";
-        }
+        KeycloakSecurityContext session = (KeycloakSecurityContext)request.getAttribute(KeycloakSecurityContext.class.getName());
+        return AdapterUtils.getOriginForRestCalls(request.getRequestURL().toString(), session);
     }
 
 }
diff --git a/examples/demo-template/third-party/pom.xml b/examples/demo-template/third-party/pom.xml
index 6ec11d9e81..e5e3ac45a2 100755
--- a/examples/demo-template/third-party/pom.xml
+++ b/examples/demo-template/third-party/pom.xml
@@ -34,6 +34,7 @@
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-servlet-oauth-client</artifactId>
+            <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
diff --git a/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java b/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
index e47716b616..b0e0e00af8 100755
--- a/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
+++ b/examples/demo-template/third-party/src/main/java/org/keycloak/example/oauth/ProductDatabaseClient.java
@@ -5,6 +5,8 @@ import org.apache.http.HttpResponse;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.impl.client.DefaultHttpClient;
+import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.adapters.AdapterUtils;
 import org.keycloak.adapters.ServerRequest;
 import org.keycloak.representations.AccessTokenResponse;
 import org.keycloak.servlet.ServletOAuthClient;
@@ -71,6 +73,8 @@ public class ProductDatabaseClient {
     }
 
     public static List<String> getProducts(HttpServletRequest request, String accessToken) throws Failure {
+        KeycloakSecurityContext session = (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
+
         // The ServletOAuthClient is obtained by getting a context attribute
         // that is set in the Bootstrap context listener in this project.
         // You really should come up with a better way to initialize
@@ -79,7 +83,7 @@ public class ProductDatabaseClient {
         ServletOAuthClient oAuthClient = (ServletOAuthClient) request.getServletContext().getAttribute(ServletOAuthClient.class.getName());
         HttpClient client = new DefaultHttpClient();
 
-        HttpGet get = new HttpGet(getBaseUrl(oAuthClient, request) + "/database/products");
+        HttpGet get = new HttpGet(AdapterUtils.getOriginForRestCalls(request.getRequestURL().toString(), session) + "/database/products");
         get.addHeader("Authorization", "Bearer " + accessToken);
         try {
             HttpResponse response = client.execute(get);
diff --git a/examples/demo-template/third-party/src/main/webapp/WEB-INF/jboss-deployment-structure.xml b/examples/demo-template/third-party/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
index 9c1bac9b36..2ee04e01a7 100755
--- a/examples/demo-template/third-party/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
+++ b/examples/demo-template/third-party/src/main/webapp/WEB-INF/jboss-deployment-structure.xml
@@ -4,6 +4,7 @@
             <!-- the Demo code uses classes in these modules.  These are optional to import if you are not using
                  Apache Http Client or the HttpClientBuilder that comes with the adapter core -->
             <module name="org.apache.httpcomponents"/>
+            <module name="org.keycloak.keycloak-servlet-oauth-client"/>
         </dependencies>
     </deployment>
 </jboss-deployment-structure>
\ No newline at end of file