diff --git a/cmd/cli/handler_client.go b/cmd/cli/handler_client.go
index 3476f28484f..e98906c523a 100644
--- a/cmd/cli/handler_client.go
+++ b/cmd/cli/handler_client.go
@@ -123,6 +123,7 @@ func (h *ClientHandler) CreateClient(cmd *cobra.Command, args []string) {
 		BackchannelLogoutURI:              flagx.MustGetString(cmd, "backchannel-logout-callback"),
 		FrontchannelLogoutSessionRequired: flagx.MustGetBool(cmd, "frontchannel-logout-session-required"),
 		FrontchannelLogoutURI:             flagx.MustGetString(cmd, "frontchannel-logout-callback"),
+		TokenEndpointAuthSigningAlg:       flagx.MustGetString(cmd, "token-endpoint-auth-signing-alg"),
 	}
 
 	response, err := m.Admin.CreateOAuth2Client(admin.NewCreateOAuth2ClientParams().WithBody(&cc))
@@ -188,6 +189,7 @@ func (h *ClientHandler) UpdateClient(cmd *cobra.Command, args []string) {
 		BackchannelLogoutURI:              flagx.MustGetString(cmd, "backchannel-logout-callback"),
 		FrontchannelLogoutSessionRequired: flagx.MustGetBool(cmd, "frontchannel-logout-session-required"),
 		FrontchannelLogoutURI:             flagx.MustGetString(cmd, "frontchannel-logout-callback"),
+		TokenEndpointAuthSigningAlg:       flagx.MustGetString(cmd, "token-endpoint-auth-signing-alg"),
 	}
 
 	response, err := m.Admin.UpdateOAuth2Client(admin.NewUpdateOAuth2ClientParams().WithID(id).WithBody(&cc))
diff --git a/cmd/clients_create.go b/cmd/clients_create.go
index fa271045a8f..eaa920e9b0b 100644
--- a/cmd/clients_create.go
+++ b/cmd/clients_create.go
@@ -76,5 +76,8 @@ To encrypt auto generated client secret, use "--pgp-key", "--pgp-key-url" or "--
 	cmd.Flags().String("pgp-key-url", "", "PGP encryption key URL for encrypting client secret")
 	cmd.Flags().String("keybase", "", "Keybase username for encrypting client secret")
 
+	// authentication signing algorithm for the Token Endpoint
+	cmd.Flags().String("token-endpoint-auth-signing-alg", "", "Authentication signing algorithm for the Token Endpoint")
+
 	return cmd
 }
diff --git a/cmd/clients_update.go b/cmd/clients_update.go
index 74b6d74dfaa..1e11feefb7a 100644
--- a/cmd/clients_update.go
+++ b/cmd/clients_update.go
@@ -55,5 +55,8 @@ To encrypt auto generated client secret, use "--pgp-key", "--pgp-key-url" or "--
 	cmd.Flags().String("pgp-key-url", "", "PGP encryption key URL for encrypting client secret")
 	cmd.Flags().String("keybase", "", "Keybase username for encrypting client secret")
 
+	// authentication signing algorithm for the Token Endpoint
+	cmd.Flags().String("token-endpoint-auth-signing-alg", "", "Authentication signing algorithm for the Token Endpoint")
+
 	return cmd
 }