diff --git a/org.adempiere.base/src/org/compiere/util/EMail.java b/org.adempiere.base/src/org/compiere/util/EMail.java
index 77b5329243..8d16359f3e 100644
--- a/org.adempiere.base/src/org/compiere/util/EMail.java
+++ b/org.adempiere.base/src/org/compiere/util/EMail.java
@@ -46,7 +46,6 @@ import javax.mail.internet.MimeBodyPart;
 import javax.mail.internet.MimeMessage;
 import javax.mail.internet.MimeMultipart;
 
-import org.compiere.model.MAuthorizationAccount;
 import org.compiere.model.MClient;
 import org.compiere.model.MSysConfig;
 
@@ -273,13 +272,6 @@ public final class EMail implements Serializable
 			props.put("mail.debug", "true");
 		//
 
-		MAuthorizationAccount authAccount = null;
-		boolean isOAuth2 = false;
-		if (m_auth != null) {
-			authAccount = MAuthorizationAccount.getEMailAccount(m_auth.getPasswordAuthentication().getUserName());
-			isOAuth2 = (authAccount != null);
-		}
-
 		Session session = null;
 		try
 		{
@@ -297,13 +289,12 @@ public final class EMail implements Serializable
 			{
 				props.put("mail.smtp.starttls.enable", "true");
 			}
-			if (isOAuth2) {
+			if (m_auth != null && m_auth.isOAuth2()) {
 				props.put("mail.smtp.auth.mechanisms", "XOAUTH2");
 			    props.put("mail.smtp.starttls.required", "true");
 			    props.put("mail.smtp.auth.login.disable","true");
 			    props.put("mail.smtp.auth.plain.disable","true");
 			    props.put("mail.debug.auth", "true");
-				m_auth = new EMailAuthenticator (m_auth.getPasswordAuthentication().getUserName(), authAccount.refreshAndGetAccessToken());
 			}
 			session = Session.getInstance(props);
 			session.setDebug(CLogMgt.isLevelFinest());
@@ -597,14 +588,13 @@ public final class EMail implements Serializable
 	 */
 	public EMailAuthenticator createAuthenticator (String username, String password)
 	{
-		if (username == null || password == null)
+		if (username == null)
 		{
-			log.warning("Ignored - " +  username + "/" + password);
+			log.warning("Ignored - username null");
 			m_auth = null;
 		}
 		else
 		{
-		//	log.fine("setEMailUser: " + username + "/" + password);
 			m_auth = new EMailAuthenticator (username, password);
 		}
 		return m_auth;
diff --git a/org.adempiere.base/src/org/compiere/util/EMailAuthenticator.java b/org.adempiere.base/src/org/compiere/util/EMailAuthenticator.java
index 0e16b9e3a1..8be733efd7 100644
--- a/org.adempiere.base/src/org/compiere/util/EMailAuthenticator.java
+++ b/org.adempiere.base/src/org/compiere/util/EMailAuthenticator.java
@@ -16,11 +16,16 @@
  *****************************************************************************/
 package org.compiere.util;
 
+import java.io.IOException;
+import java.security.GeneralSecurityException;
 import java.util.logging.Level;
 
 import javax.mail.Authenticator;
 import javax.mail.PasswordAuthentication;
 
+import org.adempiere.exceptions.AdempiereException;
+import org.compiere.model.MAuthorizationAccount;
+
 /**
  *  Email User Authentification
  *
@@ -32,10 +37,24 @@ public class EMailAuthenticator extends Authenticator
 	/**
 	 * 	Constructor
 	 * 	@param username user name
-	 * 	@param password user password
+	 * 	@param password user password (ignored if is OAuth2 account)
 	 */
 	public EMailAuthenticator (String username, String password)
 	{
+		MAuthorizationAccount authAccount = MAuthorizationAccount.getEMailAccount(username);
+		if (authAccount != null)
+		{
+			m_isOAuth2 = true;
+			try
+			{
+				password = authAccount.refreshAndGetAccessToken();
+			}
+			catch (GeneralSecurityException | IOException e)
+			{
+				throw new AdempiereException(e);
+			}
+		}
+
 		m_pass = new PasswordAuthentication (username, password);
 		if (username == null || username.length() == 0)
 		{
@@ -51,18 +70,28 @@ public class EMailAuthenticator extends Authenticator
 
 	/**	Password		*/
 	private PasswordAuthentication 	m_pass = null;
+	/**	Is OAuth2		*/
+	private boolean m_isOAuth2 = false;
 	/**	Logger			*/
 	private static CLogger log = CLogger.getCLogger(EMailAuthenticator.class);
 
 	/**
-	 *	Ger PasswordAuthentication
-	 * 	@return Password Autnetifucation
+	 *	Get Password Authentication
+	 * 	@return Password Authentication
 	 */
 	protected PasswordAuthentication getPasswordAuthentication()
 	{
 		return m_pass;
 	}	//	getPasswordAuthentication
 
+	/**
+	 * If the authenticator is using OAuth2 account
+	 * @return boolean
+	 */
+	protected boolean isOAuth2() {
+		return m_isOAuth2;
+	}
+
 	/**
 	 * 	Get String representation
 	 * 	@return info