diff --git a/lib/swagger-oauth.js b/lib/swagger-oauth.js
index fed588c6373..214a3b9a613 100644
--- a/lib/swagger-oauth.js
+++ b/lib/swagger-oauth.js
@@ -5,6 +5,7 @@ var clientId;
 var realm;
 var oauth2KeyName;
 var redirect_uri;
+var clientSecret;
 
 function handleLogin() {
   var scopes = [];
@@ -184,6 +185,7 @@ function initOAuth(opts) {
   popupMask = (o.popupMask||$('#api-common-mask'));
   popupDialog = (o.popupDialog||$('.api-popup-dialog'));
   clientId = (o.clientId||errors.push('missing client id'));
+  clientSecret = (o.clientSecret||errors.push('missing client secret'));
   realm = (o.realm||errors.push('missing realm'));
 
   if(errors.length > 0){
@@ -206,6 +208,7 @@ function initOAuth(opts) {
 window.processOAuthCode = function processOAuthCode(data) {
   var params = {
     'client_id': clientId,
+    'client_secret': clientSecret,
     'code': data.code,
     'grant_type': 'authorization_code',
     'redirect_uri': redirect_uri
diff --git a/src/main/html/index.html b/src/main/html/index.html
index a6904d0f961..a7ae94d41b8 100644
--- a/src/main/html/index.html
+++ b/src/main/html/index.html
@@ -37,6 +37,7 @@
           if(typeof initOAuth == "function") {
             initOAuth({
               clientId: "your-client-id",
+              clientSecret: "your-client-secret",
               realm: "your-realms",
               appName: "your-app-name"
             });