diff --git a/deps/oauth2_client/include/types.hrl b/deps/oauth2_client/include/types.hrl
index 622cae2220..c22f89a8d8 100644
--- a/deps/oauth2_client/include/types.hrl
+++ b/deps/oauth2_client/include/types.hrl
@@ -25,6 +25,7 @@
 issuer :: option(uri_string:uri_string()),
 discovery_endpoint :: option(uri_string:uri_string()),
 token_endpoint :: option(uri_string:uri_string()),
+ tokeninfo_endpoint :: option(uri_string:uri_string()),
 authorization_endpoint :: option(uri_string:uri_string()),
 end_session_endpoint :: option(uri_string:uri_string()),
 jwks_uri :: option(uri_string:uri_string()),
diff --git a/deps/oauth2_client/src/oauth2_client.erl b/deps/oauth2_client/src/oauth2_client.erl
index f5d4f0f433..4b593903f3 100644
--- a/deps/oauth2_client/src/oauth2_client.erl
+++ b/deps/oauth2_client/src/oauth2_client.erl
@@ -144,10 +144,15 @@ merge_oauth_provider(OAuthProvider, Proplist) ->
 EndSessionEndpoint -> [{end_session_endpoint, EndSessionEndpoint} |
 proplists:delete(end_session_endpoint, Proplist1)]
 end,
- case OAuthProvider#oauth_provider.jwks_uri of
+ Proplist3 = case OAuthProvider#oauth_provider.tokeninfo_endpoint of
 undefined -> Proplist2;
+ TokenInfoEndpoint -> [{tokeninfo_endpoint, TokenInfoEndpoint} |
+ proplists:delete(tokeninfo_endpoint, Proplist2)]
+ end,
+ case OAuthProvider#oauth_provider.jwks_uri of
+ undefined -> Proplist3;
 JwksEndPoint -> [{jwks_uri, JwksEndPoint} |
- proplists:delete(jwks_uri, Proplist2)]
+ proplists:delete(jwks_uri, Proplist3)]
 end.

 parse_openid_configuration_response({error, Reason}) ->
diff --git a/deps/rabbitmq_auth_backend_oauth2/priv/schema/rabbitmq_auth_backend_oauth2.schema b/deps/rabbitmq_auth_backend_oauth2/priv/schema/rabbitmq_auth_backend_oauth2.schema
index 222b1dedfb..7d534cb913 100644
--- a/deps/rabbitmq_auth_backend_oauth2/priv/schema/rabbitmq_auth_backend_oauth2.schema
+++ b/deps/rabbitmq_auth_backend_oauth2/priv/schema/rabbitmq_auth_backend_oauth2.schema
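Review bot: In the new `Proplist3` step of merge_oauth_provider (oauth2_client.erl, hunk at -144), a `tokeninfo_endpoint` set on the `#oauth_provider{}` record silently replaces whatever value `Proplist` already carried, and nothing in the hunk says which of the two sources is meant to be authoritative. For an endpoint that the broker presumably sends access tokens to, that precedence deserves a line of documentation, e.g. `%% a value set on the record overrides tokeninfo_endpoint from Proplist` above the `case`. This is also at least the third visible copy of the same undefined-or-prepend `case`; a small private helper taking the key, the record value and the proplist would avoid renumbering `ProplistN` for every new endpoint. The function starts above the hunk, so the earlier steps that produce `Proplist1` are not visible here.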
@@ -200,6 +200,11 @@
 rabbit_oauth2_schema:translate_endpoint_params("discovery_endpoint_params", Conf)
 end}.

+{mapping,
+ "auth_oauth2.tokeninfo_endpoint",
+ "rabbitmq_auth_backend_oauth2.tokeninfo_endpoint",
+ [{datatype, string}, {validators, ["uri", "https_uri"]}]}.
+
 {mapping,
 "auth_oauth2.oauth_providers.$name.discovery_endpoint_params.$param",
 "rabbitmq_auth_backend_oauth2.oauth_providers",
@@ -291,6 +296,12 @@
 [{datatype, string}, {validators, ["uri", "https_uri"]}]
 }.

+{mapping,
+ "auth_oauth2.oauth_providers.$name.tokeninfo_endpoint",
+ "rabbitmq_auth_backend_oauth2.oauth_providers",
+ [{datatype, string}, {validators, ["uri", "https_uri"]}]
+}.
+
 {mapping,
 "auth_oauth2.oauth_providers.$name.jwks_uri",
 "rabbitmq_auth_backend_oauth2.oauth_providers",
diff --git a/deps/rabbitmq_auth_backend_oauth2/src/rabbit_oauth2_schema.erl b/deps/rabbitmq_auth_backend_oauth2/src/rabbit_oauth2_schema.erl
index 13cf6b38de..524fd685ad 100644
--- a/deps/rabbitmq_auth_backend_oauth2/src/rabbit_oauth2_schema.erl
+++ b/deps/rabbitmq_auth_backend_oauth2/src/rabbit_oauth2_schema.erl
@@ -253,6 +253,7 @@ mapOauthProviderProperty({Key, Value}) ->
 {Key, case Key of
 issuer -> validator_https_uri(Key, Value);
 token_endpoint -> validator_https_uri(Key, Value);
+ tokeninfo_endpoint -> validator_https_uri(Key, Value);
 jwks_uri -> validator_https_uri(Key, Value);
 end_session_endpoint -> validator_https_uri(Key, Value);
 authorization_endpoint -> validator_https_uri(Key, Value);
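Review bot: The two new mappings in rabbitmq_auth_backend_oauth2.schema (`auth_oauth2.tokeninfo_endpoint` in the hunk at -200 and `auth_oauth2.oauth_providers.$name.tokeninfo_endpoint` in the hunk at -291) are added without any comment saying what the key is for or how it differs from `token_endpoint`. I would put a short header above each, such as `%% Token info endpoint of the identity provider; https only (enforced by the https_uri validator).` The `https_uri` validator constrains only the URI scheme; whether the request later made to this URL verifies the server certificate is decided in code outside this diff, and is worth confirming if access tokens are sent there, as the name suggests.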