diff --git a/dao/src/main/java/org/thingsboard/server/dao/oauth2/HybridClientRegistrationRepository.java b/dao/src/main/java/org/thingsboard/server/dao/oauth2/HybridClientRegistrationRepository.java
index c23ab1e3d2..126ee060dd 100644
--- a/dao/src/main/java/org/thingsboard/server/dao/oauth2/HybridClientRegistrationRepository.java
+++ b/dao/src/main/java/org/thingsboard/server/dao/oauth2/HybridClientRegistrationRepository.java
@@ -43,6 +43,15 @@ public class HybridClientRegistrationRepository implements ClientRegistrationRep
 
     private ClientRegistration toSpringClientRegistration(OAuth2Client oAuth2Client){
         String registrationId = oAuth2Client.getUuidId().toString();
+
+        // NONE is used if we need pkce-based code challenge
+        ClientAuthenticationMethod authMethod = ClientAuthenticationMethod.NONE;
+        if (oAuth2Client.getClientAuthenticationMethod().equals("POST")) {
+            authMethod = ClientAuthenticationMethod.CLIENT_SECRET_POST;
+        } else if (oAuth2Client.getClientAuthenticationMethod().equals("BASIC")) {
+            authMethod = ClientAuthenticationMethod.CLIENT_SECRET_BASIC;
+        }
+
         return ClientRegistration.withRegistrationId(registrationId)
                 .clientName(oAuth2Client.getName())
                 .clientId(oAuth2Client.getClientId())
@@ -54,8 +63,7 @@ public class HybridClientRegistrationRepository implements ClientRegistrationRep
                 .userInfoUri(oAuth2Client.getUserInfoUri())
                 .userNameAttributeName(oAuth2Client.getUserNameAttributeName())
                 .jwkSetUri(oAuth2Client.getJwkSetUri())
-                .clientAuthenticationMethod(oAuth2Client.getClientAuthenticationMethod().equals("POST") ?
-                        ClientAuthenticationMethod.CLIENT_SECRET_POST : ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
+                .clientAuthenticationMethod(authMethod)
                 .redirectUri(defaultRedirectUriTemplate)
                 .build();
     }
diff --git a/ui-ngx/src/app/shared/models/oauth2.models.ts b/ui-ngx/src/app/shared/models/oauth2.models.ts
index 9c7cd6f342..abc0ae1464 100644
--- a/ui-ngx/src/app/shared/models/oauth2.models.ts
+++ b/ui-ngx/src/app/shared/models/oauth2.models.ts
@@ -68,6 +68,7 @@ export interface OAuth2RegistrationInfo {
 }
 
 export enum ClientAuthenticationMethod {
+  NONE = 'NONE',
   BASIC = 'BASIC',
   POST = 'POST'
 }