ethyca · NevilleS · Dec 4, 2025 · Dec 4, 2025 · Dec 4, 2025 · Dec 4, 2025
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -43,6 +43,7 @@ Changes can also be flagged with a GitHub label for tracking purposes. The URL o
 
 ### Fixed
 - Fixed pagination in Integrations page [#7058](https://github.com/ethyca/fides/pull/7058)
+- Fixed issue where the required `token_type` field was missing from the `api/v1/oauth/token` endpoint response [#7074](https://github.com/ethyca/fides/pull/7074)
 
 
 ## [2.75.2](https://github.com/ethyca/fides/compare/2.75.1..2.75.2)

diff --git a/dev-requirements.txt b/dev-requirements.txt
@@ -1,7 +1,7 @@
 black==24.3.0
 debugpy==1.6.3
 Faker==14.1.0
-freezegun==1.5.1
+freezegun==1.0.0
 GitPython==3.1.41
 isort==5.12.0
 moto[s3]==5.1.0

@@ -1,4 +1,4 @@
-from typing import Dict, Optional
+from typing import Dict, Literal, Optional
 
 from fastapi import Form
 from fastapi.openapi.models import OAuthFlows
@@ -14,6 +14,7 @@ class AccessToken(BaseModel):
     """A wrapper for the access_code returned upon successful authentication"""
 
     access_token: str
+    token_type: Literal["Bearer"] = "Bearer"
 
 
 # NOTE: Adapted from

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -773,7 +773,7 @@ def celery_worker_parameters():
     takes longer to shut down, especially during parallel test runs with pytest-xdist.
     The CI environment can be slow, so we use a generous timeout.
     """
-    return {"shutdown_timeout": 120.0}
+    return {"shutdown_timeout": 180.0}
 
 
 @pytest.fixture(autouse=True, scope="session")

diff --git a/tests/ops/api/v1/endpoints/test_oauth_endpoints.py b/tests/ops/api/v1/endpoints/test_oauth_endpoints.py
@@ -440,6 +440,10 @@ def test_get_access_token_root_client(self, url, api_client):
 
         assert extracted_token[JWE_PAYLOAD_ROLES] == [OWNER]
 
+        # Check token type
+        token_type = json.loads(response.text).get("token_type")
+        assert token_type == "Bearer"
+
     def test_get_access_token(self, db, url, api_client):
         new_client, secret = ClientDetail.create_client_and_secret(
             db,
@@ -468,6 +472,9 @@ def test_get_access_token(self, db, url, api_client):
             == []
         )
 
+        token_type = json.loads(response.text).get("token_type")
+        assert token_type == "Bearer"
+
         new_client.delete(db)