The default token endpoint authentication method has been changed in OpenAM 13 (rev. 13543?) to 'client_secret_basic'.
(specified in Section 2.3.1 of OAuth 2.0 RFC6749)
In OpenIG, this will cause the getAccessToken to fail with OpenAM13 (see OAuth2Provider#getAccessToken-createRequestForAccessToken)
as we are using the 'token_endpoint_auth_method' as 'client_secret_post'
A harcoded boolean was added to the OAuth2Provider.class
According to openid-connect-registration this attribute should accept other options but if omitted, should use the 'client_secret_basic' as specified in OpenAM13.