diff --git a/docs/source/AdministratorGuide/HowTo/pilotsWithTokens.rst b/docs/source/AdministratorGuide/HowTo/pilotsWithTokens.rst index 7c89a00ef88..07fde49f10b 100644 --- a/docs/source/AdministratorGuide/HowTo/pilotsWithTokens.rst +++ b/docs/source/AdministratorGuide/HowTo/pilotsWithTokens.rst @@ -28,10 +28,25 @@ Setting up an ``IdProvider`` { client_id = client_secret = + dirac_pilot + { + client_id = + client_secret = + } + biomed_pilot + { + client_id = + client_secret = + } } } } + In the case you use the same IdProvider for several VOs, you can specify different + OAuth2 client credentials per DIRAC user group representing the VO as in the example above. + For groups without this specific setting the general IdProvider client credentials + will be used. + - Then in your global configuration, add the following section to set up an ``IdProvider`` interface: .. code-block:: guess diff --git a/src/DIRAC/FrameworkSystem/Utilities/TokenManagementUtilities.py b/src/DIRAC/FrameworkSystem/Utilities/TokenManagementUtilities.py index d2572c1d3f7..afbe82c2354 100644 --- a/src/DIRAC/FrameworkSystem/Utilities/TokenManagementUtilities.py +++ b/src/DIRAC/FrameworkSystem/Utilities/TokenManagementUtilities.py @@ -23,7 +23,7 @@ def getIdProviderClient(userGroup: str, idProviderClientName: str = None): return S_ERROR(f"The {userGroup} group belongs to the VO that is not tied to any Identity Provider.") # Prepare the client instance of the appropriate IdP - return IdProviderFactory().getIdProvider(idProviderClientName) + return IdProviderFactory().getIdProvider(idProviderClientName, groupClient=userGroup) def getCachedKey( diff --git a/src/DIRAC/Resources/IdProvider/IdProviderFactory.py b/src/DIRAC/Resources/IdProvider/IdProviderFactory.py index a0399ccae7b..f2d012a7f1f 100644 --- a/src/DIRAC/Resources/IdProvider/IdProviderFactory.py +++ b/src/DIRAC/Resources/IdProvider/IdProviderFactory.py 
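Review bot: Passing `groupClient=userGroup` makes the returned provider client group-specific, so any cache of clients or tokens keyed only on the provider name could now hand one group's OAuth2 client credentials, or tokens minted with them, to another group. `getCachedKey` starts right after this hunk and its body is not visible here, so it is worth confirming that the key it builds includes the group. The group is also forwarded when the caller supplied `idProviderClientName` explicitly; the start of `getIdProviderClient` is outside the hunk, so it is unclear whether `userGroup` has been checked against the Registry on that path before it reaches the factory. A one-line comment above the return, such as `# groupClient lets the factory apply per-group client credentials, if configured`, would document the intent.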
@@ -70,6 +70,13 @@ def getIdProvider(self, name, **kwargs): return result pDict = result["Value"] + # Check if the client has a special configuration for the requested group + if groupClient := kwargs.get("groupClient", None): + # Look for special client parameters for this user group + result = gConfig.getOptionsDict(f"/Resources/IdProviders/{name}/{groupClient}") + if result["OK"]: + pDict.update(result["Value"]) + pDict.update(kwargs) pDict["ProviderName"] = name
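Review bot: `groupClient` is read with `kwargs.get(...)` and therefore still sits in `kwargs` when `pDict.update(kwargs)` runs, so the group name is handed to the provider as a parameter; `kwargs.pop("groupClient", None)` keeps it out unless the provider is meant to receive it. The value is also interpolated unchecked into `/Resources/IdProviders/{name}/{groupClient}`, and every option found there is merged into `pDict`: a group name that contains `/` or coincides with another subsection of the provider would pull unrelated options over the provider's own settings. Checking the name against the configured groups, or merging only `client_id` and `client_secret`, would close that. When `getOptionsDict` fails the code silently uses the shared credentials, which matches the documented fallback but makes a misconfigured per-VO client invisible; a debug log in that branch would help. The rest of `getIdProvider` lies outside the hunk.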