diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 46574ccb69..a2980c79ec 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -21,8 +21,16 @@ security:
 pattern: ^/(_(profiler|wdt)|css|images|js)/
 security: false
 oauth_token:
- pattern: ^/oauth/(token|authorize)$
+ pattern: ^/oauth/token$
 security: false
+ oauth_authorize:
+ pattern: ^/oauth/authorize$
+ security: true
+ entry_point: App\Security\Authenticator
+ guard:
+ authenticators:
+ - App\Security\Authenticator
+ provider: local_user
 oauth:
 guard:
 authenticators:
diff --git a/src/Core/GNUsocial.php b/src/Core/GNUsocial.php
index ffee5308c1..aed88fb345 100644
--- a/src/Core/GNUsocial.php
+++ b/src/Core/GNUsocial.php
@@ -81,6 +81,7 @@ use Symfony\Contracts\Translation\TranslatorInterface;
 use SymfonyCasts\Bundle\ResetPassword\ResetPasswordHelperInterface;
 use SymfonyCasts\Bundle\VerifyEmail\VerifyEmailHelperInterface;
 use Trikoder\Bundle\OAuth2Bundle\Event\UserResolveEvent;
+use Trikoder\Bundle\OAuth2Bundle\OAuth2Events;
 use Twig\Environment;

 /**
@@ -292,9 +293,9 @@ class GNUsocial implements EventSubscriberInterface
 public static function getSubscribedEvents(): array
 {
 return [
- KernelEvents::REQUEST => 'onKernelRequest',
- 'console.command' => 'onCommand',
- 'trikoder.oauth2.user_resolve' => 'userResolve',
+ KernelEvents::REQUEST => 'onKernelRequest',
+ 'console.command' => 'onCommand',
+ OAuth2Events::USER_RESOLVE => 'userResolve',
 ];
 }
 }
diff --git a/src/Security/Authenticator.php b/src/Security/Authenticator.php
index 424b4b2ba2..0c819b6085 100644
--- a/src/Security/Authenticator.php
+++ b/src/Security/Authenticator.php
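Review bot: The new `oauth_authorize` firewall in config/packages/security.yaml only attaches an authenticator and an entry point; nothing in this hunk makes authentication mandatory for `^/oauth/authorize$`. A Symfony firewall does not by itself reject unauthenticated requests, so unless an `access_control` rule outside this hunk already covers the path, the authorization endpoint is not guaranteed to see a logged-in user; a rule such as `- { path: ^/oauth/authorize$, roles: IS_AUTHENTICATED_FULLY }` would pin that down. The firewall also declares no `context:`, so it presumably keeps its own session token and will not recognise a login made through another firewall, which is worth confirming as intended. `security: true` is the default and can be dropped.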
@@ -74,7 +74,8 @@ class Authenticator extends AbstractFormLoginAuthenticator implements Authentica

 public function supports(Request $request): bool
 {
- return self::LOGIN_ROUTE === $request->attributes->get('_route') && $request->isMethod('POST');
+ return (self::LOGIN_ROUTE === $request->attributes->get('_route') && $request->isMethod('POST'))
+ || ('oauth2_authorize' === $request->attributes->get('_route'));
 }

 /**
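Review bot: The added branch in `supports()` matches the `oauth2_authorize` route for every HTTP method, whereas the login branch is limited to POST. With a Guard authenticator this means the credential extraction and checks (outside this hunk) run on each request to the authorize endpoint, including plain GETs that carry no form fields or CSRF token, and presumably also for users who already hold a session. If the intent is only to accept the login form when it is posted to that route, restrict the branch the same way: `|| ('oauth2_authorize' === $request->attributes->get('_route') && $request->isMethod('POST'))`. The rest of the class is outside the hunk, so how `getCredentials()` reads the request should be checked against this, and a short comment saying why the OAuth2 route is handled by the form-login authenticator would help the next reader.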