diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/oidc/StandardOidcIdentityProvider.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/oidc/StandardOidcIdentityProvider.java
index 62e0c0c988..02ed1ff3a4 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/oidc/StandardOidcIdentityProvider.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/oidc/StandardOidcIdentityProvider.java
@@ -61,6 +61,7 @@ import org.slf4j.LoggerFactory;
 import java.io.IOException;
 import java.net.URI;
 import java.net.URL;
+import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.Date;
 import java.util.List;
@@ -68,6 +69,7 @@ import java.util.concurrent.TimeUnit;
 import static com.nimbusds.openid.connect.sdk.claims.UserInfo.EMAIL_CLAIM_NAME;
+
 /**
 * OidcProvider for managing the OpenId Connect Authorization flow.
 */
@@ -163,11 +165,15 @@ public class StandardOidcIdentityProvider implements OidcIdentityProvider {
 }
 // ensure the oidc provider supports basic or post client auth
- final List clientAuthenticationMethods = oidcProviderMetadata.getTokenEndpointAuthMethods();
- if (clientAuthenticationMethods == null
- || (!clientAuthenticationMethods.contains(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
- && !clientAuthenticationMethods.contains(ClientAuthenticationMethod.CLIENT_SECRET_POST))) {
-
+ List clientAuthenticationMethods = oidcProviderMetadata.getTokenEndpointAuthMethods();
+ logger.info("OpenId Connect: Available clientAuthenticationMethods {} ", clientAuthenticationMethods);
+ if (clientAuthenticationMethods == null || clientAuthenticationMethods.isEmpty()) {
+ clientAuthenticationMethods = new ArrayList<>();
+ clientAuthenticationMethods.add(ClientAuthenticationMethod.CLIENT_SECRET_BASIC);
+ oidcProviderMetadata.setTokenEndpointAuthMethods(clientAuthenticationMethods);
+ logger.warn("OpenId Connect: ClientAuthenticationMethods is null, Setting clientAuthenticationMethods as CLIENT_SECRET_BASIC");
+ } else if (!clientAuthenticationMethods.contains(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
+ && !clientAuthenticationMethods.contains(ClientAuthenticationMethod.CLIENT_SECRET_POST)) {
 throw new RuntimeException(String.format("OpenId Connect Provider does not support %s or %s",
 ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue(),
 ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue()));
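Review bot: The fallback at `if (clientAuthenticationMethods == null || clientAuthenticationMethods.isEmpty())` makes an empty list behave like an omitted one, so a provider whose metadata advertises no token-endpoint authentication methods now has the client secret sent with CLIENT_SECRET_BASIC instead of hitting the failure the old code raised. OpenID Connect Discovery defines client_secret_basic as the default only when `token_endpoint_auth_methods_supported` is omitted; unless the metadata parser is known to return an empty list for an omitted field, narrowing the condition to `if (clientAuthenticationMethods == null) {` keeps the empty case failing closed through the existing `else if`. The warn text says "is null" although the branch also covers the empty case, and a short comment such as `// Discovery: default is client_secret_basic when the field is omitted` would record why the fallback is acceptable. The enclosing method starts and ends outside this hunk.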