diff --git a/setup.py b/setup.py
index b75ee24e79..45d27b7040 100644
--- a/setup.py
+++ b/setup.py
@@ -49,7 +49,7 @@
 "croniter<6.1",
 "python-dateutil<2.10",
 "unidecode>=0.04.21,<=1.3.8",
- "authlib>0.14,<0.15",
+ "authlib>0.14,<1.5",
 "draftjs-exporter[lxml]<5.1",
 "regex>=2020.7.14,<=2024.11.6",
 "flask-oidc-ex>=0.5.5,<0.7",
diff --git a/superdesk/auth_server/models.py b/superdesk/auth_server/models.py
index 6d30c2c19d..ebc9af3cc0 100644
--- a/superdesk/auth_server/models.py
+++ b/superdesk/auth_server/models.py
@@ -36,9 +36,6 @@ def __init__(self, data):
 def client_id(self):
 return str(self._id)

- def check_token_endpoint_auth_method(self, method):
- return method == "client_secret_basic"
-
 def check_client_secret(self, client_secret):
 return bcrypt.checkpw(client_secret.encode(), self.pwd_hash.encode())

@@ -48,6 +45,11 @@ def check_grant_type(self, grant_type):
 def get_allowed_scope(self, scope):
 return ""

+ def check_endpoint_auth_method(self, method, endpoint):
+ if endpoint == "token":
+ return method == "client_secret_basic"
+ return True
+

 def query_client(client_id):
 clients_service = superdesk.get_resource_service("auth_server_clients")
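Review bot: The new specifier `"authlib>0.14,<1.5"` in setup.py raises only the ceiling, so a resolver may still select a 0.14.x release. The models.py change in this same commit replaces `check_token_endpoint_auth_method` with `check_endpoint_auth_method`, which appears to be the authlib 1.x client hook. On an older authlib the client model would then lack the method the library calls during client authentication. The wide range also keeps long-superseded releases of an OAuth library installable. Consider raising the floor along with the ceiling, e.g. `"authlib>=1.0,<1.5"`, with the exact minimum set to the lowest version the test suite is actually run against.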
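Review bot: `check_endpoint_auth_method` ends with `return True`, so for every endpoint other than `"token"` it accepts any client authentication method, including ones that present no secret. The removed `check_token_endpoint_auth_method` permitted only `client_secret_basic`. If the auth server exposes or later gains a revocation or introspection endpoint (not visible in this diff), clients could authenticate there with weaker methods than at the token endpoint. Prefer failing closed: drop the branch and use `return method == "client_secret_basic"` for all endpoints, or enumerate the known endpoints and return `False` for anything else. A short docstring naming the permitted endpoints and methods would help too; the enclosing class starts outside this hunk.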