diff --git a/server/handlers.go b/server/handlers.go
index 08a60d48..d6b9642b 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -813,7 +813,7 @@ func (s *Server) withClientFromStorage(w http.ResponseWriter, r *http.Request, h
 return
 }

- if subtle.ConstantTimeCompare([]byte(client.Secret), []byte(clientSecret)) != 1 {
+ if !client.Public && subtle.ConstantTimeCompare([]byte(client.Secret), []byte(clientSecret)) != 1 {
 if clientSecret == "" {
 s.logger.Infof("missing client_secret on token request for client: %s", client.ID)
 } else {
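Review bot: With `!client.Public &&` in front of the comparison, every request that passes through withClientFromStorage is accepted for a public client with any client_secret or none, so the condition should carry a comment saying what authenticates those requests instead, e.g. `// Public clients cannot keep a secret (RFC 6749 §2.1); their token requests rely on the authorization code and PKCE verifier, not client_secret.` The hunk does not show which grant types this wrapper serves; if it also fronts refresh_token or password grants, it is worth confirming that PKCE or a grant-type restriction is enforced for `client.Public` further down, since the client-level check is now skipped there too. A mismatching secret sent by a public client is also no longer logged, which drops a useful signal for misconfigured callers; consider keeping the info-level log for that case while still letting the request through. The function body starts and ends outside the hunk.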