diff --git a/auth/basicauth.go b/auth/basicauth.go
index 85957e4..2b09483 100644
--- a/auth/basicauth.go
+++ b/auth/basicauth.go
@@ -66,11 +66,6 @@ func BasicAuth(user string, pass string) (PrincipalInterface, error) {
 return nil, err
 }
 evaluateRoles(principal)
- _, err = GenerateJWToken(principal)
- if err != nil {
- log.Log.Errorf("Basic auth error... %v", err)
- return nil, err
- }
 if log.IsDebugLevel() {
 log.Log.Debugf("Create principal: %p", principal.Name)
 }
diff --git a/auth/jwt.go b/auth/jwt.go
index a9fdb69..aeea2d7 100644
--- a/auth/jwt.go
+++ b/auth/jwt.go
@@ -278,7 +278,7 @@ func (webToken *WebToken) GenerateJWToken(IAt string, principal PrincipalInterfa
 return "", fmt.Errorf("web token not configured properly")
 }
 if webToken.OAuth2 {
- return webToken.GenerateOIDCToken(IAt, principal)
+ return webToken.generateOIDCToken(IAt, principal)
 }
 token, err := generateCallbackToken(IAt, principal)
 if err == nil {
@@ -373,7 +373,7 @@ func (webToken *WebToken) JWTContainsRoles(token string, scopes []string) (Princ
 log.Log.Debugf("Has role scopes %#v", scopes)
 }
 if webToken.OAuth2 {
- return webToken.OIDCContainsRoles(token, scopes)
+ return webToken.checkOIDCContainsRoles(token, scopes)
 }
 if webToken.PassToken != "" && token == webToken.PassToken {
 si := &SessionInfo{UUID: webToken.PassToken}
diff --git a/auth/oidc.go b/auth/oidc.go
index 54123ac..1c65290 100644
--- a/auth/oidc.go
+++ b/auth/oidc.go
@@ -24,6 +24,7 @@ import (
 var oauth2Config *oauth2.Config
 var provider *oidc.Provider
 
+// InitOIDC initialize basic parameters for OIDCS authentication
 func InitOIDC(auth *AuthenticationServer) error {
 if auth == nil {
 return errors.New("no OIDC client config given")
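Review bot: The surviving debug line `log.Log.Debugf("Create principal: %p", principal.Name)` uses the pointer verb `%p` on `principal.Name`; if Name is a string field this prints an address instead of the name and `go vet` rejects the verb, and if Name is a method the expression is a method value rather than the name. Change it to `log.Log.Debugf("Create principal: %q", principal.Name)` (calling `principal.Name()` if it is a method). With the GenerateJWToken call removed, nothing in this hunk surfaces a token-generation failure for a basic-auth principal any more, so the caller that mints the token after BasicAuth returns needs to be the place that checks that error; I cannot see that caller here. BasicAuth's body starts and ends outside the hunk.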
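Review bot: The added doc comment `// InitOIDC initialize basic parameters for OIDCS authentication` is not the full sentence Go doc comments expect and says "OIDCS" where the surrounding identifiers say OIDC; write `// InitOIDC initializes the basic parameters for OIDC authentication from auth; it returns an error when auth is nil.` The comments added to the two later hunks of auth/oidc.go have the same shape (`generateOIDCToken generate OIDC token using OAuth2 web instance`, `checkOIDCContainsRoles OIDCS check for roles`); a third-person verb and a sentence would do there too, e.g. `// generateOIDCToken returns the access token stored in the principal's OAuth2 session.` and `// checkOIDCContainsRoles verifies an OIDC ID token against the configured provider and checks it for the requested scopes.` InitOIDC's body begins in this hunk and ends outside it.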
@@ -72,8 +73,8 @@ func (webToken *WebToken) InitWebTokenOIDC() error {
 return nil
 }
 
-// GenerateJWToken generate JWT token using golang Jose.v2
-func (webToken *WebToken) GenerateOIDCToken(IAt string, principal PrincipalInterface) (tokenString string, err error) {
+// generateOIDCToken generate OIDC token using OAuth2 web instance
+func (webToken *WebToken) generateOIDCToken(IAt string, principal PrincipalInterface) (tokenString string, err error) {
 token, ok := principal.Session().(oauth2.Token)
 if !ok {
 return "", errors.New("token generate OIDC mismatch")
@@ -81,7 +82,8 @@ func (webToken *WebToken) GenerateOIDCToken(IAt string, principal PrincipalInter
 return token.AccessToken, nil
 }
 
-func (webToken *WebToken) OIDCContainsRoles(token string, scopes []string) (PrincipalInterface, error) {
+// checkOIDCContainsRoles OIDCS check for roles
+func (webToken *WebToken) checkOIDCContainsRoles(token string, scopes []string) (PrincipalInterface, error) {
 verifier := provider.Verifier(&oidc.Config{ClientID: oauth2Config.ClientID})
 // Parse and verify ID Token payload.