diff --git a/nuxeo-features/nuxeo-platform-oauth/src/main/java/org/nuxeo/ecm/platform/oauth2/request/TokenRequest.java b/nuxeo-features/nuxeo-platform-oauth/src/main/java/org/nuxeo/ecm/platform/oauth2/request/TokenRequest.java
index a08e6de0d1c..2627e5ba3b2 100644
--- a/nuxeo-features/nuxeo-platform-oauth/src/main/java/org/nuxeo/ecm/platform/oauth2/request/TokenRequest.java
+++ b/nuxeo-features/nuxeo-platform-oauth/src/main/java/org/nuxeo/ecm/platform/oauth2/request/TokenRequest.java
@@ -49,6 +49,24 @@ public class TokenRequest extends OAuth2Request {
         clientSecret = request.getParameter(CLIENT_SECRET_PARAM);
         refreshToken = request.getParameter(REFRESH_TOKEN_PARAM);
         codeVerifier = request.getParameter(CODE_VERIFIER_PARAM);
+
+        if (clientId == null || clientSecret == null) {
+            checkAuthorization(request);
+        }
+    }
+
+    protected void checkAuthorization(HttpServletRequest request) {
+        final String authorization = request.getHeader("Authorization");
+        if (authorization != null && authorization.toLowerCase().startsWith("basic")) {
+            // Authorization: Basic base64credentials
+            String base64Credentials = authorization.substring("Basic".length()).trim();
+            byte[] credDecoded = java.util.Base64.getDecoder().decode(base64Credentials);
+            String credentials = new String(credDecoded, java.nio.charset.StandardCharsets.UTF_8);
+            // credentials = clientid:secret
+            final String[] values = credentials.split(":", 2);
+            clientId = values[0];
+            clientSecret = values[1];
+        }
     }
 
     public String getGrantType() {
diff --git a/nuxeo-features/nuxeo-platform-oauth/src/test/java/org/nuxeo/ecm/platform/oauth/tests/OAuth2ChallengeFixture.java b/nuxeo-features/nuxeo-platform-oauth/src/test/java/org/nuxeo/ecm/platform/oauth/tests/OAuth2ChallengeFixture.java
index 180eb818374..9abeb5ca3f4 100644
--- a/nuxeo-features/nuxeo-platform-oauth/src/test/java/org/nuxeo/ecm/platform/oauth/tests/OAuth2ChallengeFixture.java
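Review bot: A request header can make checkAuthorization throw instead of leaving the credentials unset: a `Basic` payload that is not valid base64 makes `java.util.Base64.getDecoder().decode` throw IllegalArgumentException, and a decoded payload with no colon makes `values[1]` throw ArrayIndexOutOfBoundsException because `split(":", 2)` then yields a single element. Both inputs are attacker-controlled, so malformed or probing requests would surface as unhandled exceptions at the token endpoint rather than the invalid_client error the endpoint otherwise reports; the rewrite below returns early whenever the header is unusable and uses `Locale.ROOT` so the scheme match does not depend on the JVM default locale. Note also that RFC 6749 §2.3.1 form-urlencodes the client id and secret before base64-encoding them, so a registered secret containing `:` or `%` would need URL-decoding here to compare equal. The constructor that calls checkAuthorization begins above the hunk.
```java
    protected void checkAuthorization(HttpServletRequest request) {
        final String authorization = request.getHeader("Authorization");
        if (authorization == null || !authorization.toLowerCase(java.util.Locale.ROOT).startsWith("basic")) {
            return;
        }
        // Authorization: Basic base64credentials
        String base64Credentials = authorization.substring("Basic".length()).trim();
        byte[] credDecoded;
        try {
            credDecoded = java.util.Base64.getDecoder().decode(base64Credentials);
        } catch (IllegalArgumentException e) {
            // Malformed base64 from the client: treat as "no credentials supplied"
            // so the caller answers with the usual invalid_client error, not a 500.
            return;
        }
        String credentials = new String(credDecoded, java.nio.charset.StandardCharsets.UTF_8);
        // credentials = clientid:secret
        final String[] values = credentials.split(":", 2);
        if (values.length != 2) {
            // No separator: cannot tell id from secret, leave both unset.
            return;
        }
        clientId = values[0];
        clientSecret = values[1];
    }
```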
+++ b/nuxeo-features/nuxeo-platform-oauth/src/test/java/org/nuxeo/ecm/platform/oauth/tests/OAuth2ChallengeFixture.java
@@ -416,7 +416,7 @@ public class OAuth2ChallengeFixture {
         String json = cr.getEntity(String.class);
         Map error = obj.readValue(json, Map.class);
         assertEquals(INVALID_CLIENT, error.get(ERROR_PARAM));
-        assertEquals("Invalid client id: unknown", error.get(ERROR_DESCRIPTION_PARAM));
+        assertEquals("Invalid client id: Administrator", error.get(ERROR_DESCRIPTION_PARAM));
         assertStoreIsEmpty();
     }