Once this is done, Spring Security will support both basic and bearer token authentication for the token introspection endpoint. The client-id and client-secret properties will remain the same but we will need to add a property to allow the user to specify if they want basic authentication of bearer token authentication via the client credentials grant type.
Comment From: levitin
This would be a very useful feature.