Authorization API signs JWTs as RS256 when HS256 is selected

Make sure your client settings have Token Endpoint Authentication Method set to Post if you’re using a Regular Web Application.

The description of that field: Defines the requested authentication method for the token endpoint. Possible values are ‘None’ (public client without a client secret), ‘Post’ (client uses HTTP POST parameters) or ‘Basic’ (client uses HTTP Basic).
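
How the three values in that description differ on the wire, as an added example that is not part of the original post: it builds (but does not send) an authorization-code token request for each method. The function name, client ID, secret, code and redirect URI are constructed for illustration; the `client_id`/`client_secret` parameters and the Basic encoding follow RFC 6749.

```python
import base64
from urllib.parse import quote_plus, urlencode


def build_token_request(method, client_id, client_secret, code, redirect_uri):
    """Return (headers, body) for a token request using the given
    Token Endpoint Authentication Method: 'Post', 'Basic' or 'None'."""
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    params = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
    }
    method = method.lower()
    if method == "post":
        # Credentials travel as form parameters in the POST body.
        params["client_id"] = client_id
        params["client_secret"] = client_secret
    elif method == "basic":
        # RFC 6749 section 2.3.1: form-encode each part, join with ":",
        # then base64 the pair into the Authorization header.
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        headers["Authorization"] = "Basic " + base64.b64encode(pair.encode()).decode()
    elif method == "none":
        # Public client: identifies itself, but holds no secret to send.
        params["client_id"] = client_id
    else:
        raise ValueError(f"unknown token endpoint auth method: {method!r}")
    return headers, urlencode(params)


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    for m in ("Post", "Basic", "None"):
        hdrs, body = build_token_request(
            m, "example-client", "s3cr3t/with:colon",
            "sample-code", "https://app.example/callback",
        )
        print(m, hdrs, body, sep="\n  ")
```

If the application sends one form while the client is configured for another, the token endpoint cannot authenticate the client, which is why the setting has to match what a Regular Web Application actually sends.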