diff --git a/src/IdentityServer/Endpoints/BackchannelAuthenticationEndpoint.cs b/src/IdentityServer/Endpoints/BackchannelAuthenticationEndpoint.cs
index 2c9553de9..78f8f618f 100644
--- a/src/IdentityServer/Endpoints/BackchannelAuthenticationEndpoint.cs
+++ b/src/IdentityServer/Endpoints/BackchannelAuthenticationEndpoint.cs
@@ -72,10 +72,9 @@ private async Task ProcessAuthenticationRequestAsync(HttpContex // validate client var clientResult = await _clientValidator.ValidateAsync(context); - - if (clientResult.Client == null) + if (clientResult.IsError) { - return Error(OidcConstants.BackchannelAuthenticationRequestErrors.InvalidClient); + return Error(clientResult.Error ?? OidcConstants.BackchannelAuthenticationRequestErrors.InvalidClient); } // validate request
diff --git a/src/IdentityServer/Endpoints/DeviceAuthorizationEndpoint.cs b/src/IdentityServer/Endpoints/DeviceAuthorizationEndpoint.cs
index 3ea90fb16..58ba73840 100644
--- a/src/IdentityServer/Endpoints/DeviceAuthorizationEndpoint.cs
+++ b/src/IdentityServer/Endpoints/DeviceAuthorizationEndpoint.cs
@@ -83,7 +83,7 @@ private async Task ProcessDeviceAuthorizationRequestAsync(HttpC // validate client var clientResult = await _clientValidator.ValidateAsync(context); - if (clientResult.Client == null) return Error(OidcConstants.TokenErrors.InvalidClient); + if (clientResult.IsError) return Error(clientResult.Error ?? OidcConstants.TokenErrors.InvalidClient); // validate request var form = (await context.Request.ReadFormAsync()).AsNameValueCollection();
diff --git a/src/IdentityServer/Endpoints/TokenEndpoint.cs b/src/IdentityServer/Endpoints/TokenEndpoint.cs
index bb63fe1d4..bbd2ef30b 100644
--- a/src/IdentityServer/Endpoints/TokenEndpoint.cs
+++ b/src/IdentityServer/Endpoints/TokenEndpoint.cs
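Review bot: The new guard in ProcessAuthenticationRequestAsync tests only `clientResult.IsError`, so a validator result with `IsError == false` and a null `Client` would now pass where the old `Client == null` check stopped it. Whether that combination can occur depends on the `_clientValidator` implementation, which is not visible here; keeping both conditions fails closed either way: `if (clientResult.IsError || clientResult.Client == null)`. The same guard change appears in ProcessDeviceAuthorizationRequestAsync and ProcessTokenRequestAsync. All three method bodies continue outside their hunks.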
@@ -88,10 +88,9 @@ private async Task ProcessTokenRequestAsync(HttpContext context // validate client var clientResult = await _clientValidator.ValidateAsync(context); - - if (clientResult.Client == null) + if (clientResult.IsError) { - return Error(OidcConstants.TokenErrors.InvalidClient); + return Error(clientResult.Error ?? OidcConstants.TokenErrors.InvalidClient); } // validate request
diff --git a/src/IdentityServer/Endpoints/TokenRevocationEndpoint.cs b/src/IdentityServer/Endpoints/TokenRevocationEndpoint.cs
index 4bcea28c4..8ad7d180c 100644
--- a/src/IdentityServer/Endpoints/TokenRevocationEndpoint.cs
+++ b/src/IdentityServer/Endpoints/TokenRevocationEndpoint.cs
@@ -92,10 +92,9 @@ private async Task ProcessRevocationRequestAsync(HttpContext co // validate client var clientValidationResult = await _clientValidator.ValidateAsync(context); - if (clientValidationResult.IsError) { - return new TokenRevocationErrorResult(OidcConstants.TokenErrors.InvalidClient); + return new TokenRevocationErrorResult(clientValidationResult.Error ?? OidcConstants.TokenErrors.InvalidClient); } _logger.LogTrace("Client validation successful");
diff --git a/src/IdentityServer/Validation/Default/ClientSecretValidator.cs b/src/IdentityServer/Validation/Default/ClientSecretValidator.cs
index 8e0e85c14..1eaaf6832 100644
--- a/src/IdentityServer/Validation/Default/ClientSecretValidator.cs
+++ b/src/IdentityServer/Validation/Default/ClientSecretValidator.cs
@@ -53,7 +53,8 @@ public async Task ValidateAsync(HttpContext contex var fail = new ClientSecretValidationResult { - IsError = true + IsError = true, + Error = IdentityModel.OidcConstants.TokenErrors.InvalidClient }; var parsedSecret = await _parser.ParseAsync(context);
@@ -62,6 +63,8 @@ public async Task ValidateAsync(HttpContext contex await RaiseFailureEventAsync("unknown", "No client id found"); _logger.LogError("No client identifier found"); + + fail.Error = IdentityModel.OidcConstants.TokenErrors.InvalidRequest; return fail; }
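Review bot: The string in `clientValidationResult.Error` is now returned to the caller as the error code in ProcessRevocationRequestAsync, so whatever a validator puts there ends up in the response. The validator in this commit sets only `InvalidClient` and `InvalidRequest`, but `_clientValidator` may be a different implementation (not visible here), and `??` falls back only on null, not on an empty string. A comment at this line such as `// Error must be a registered OAuth error code; it is returned verbatim to the caller` would record the contract; the Backchannel, DeviceAuthorization and Token endpoints use the same expression. The method body continues outside the hunk.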
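Review bot: The override `fail.Error = IdentityModel.OidcConstants.TokenErrors.InvalidRequest;` in ValidateAsync carries no comment saying why a missing client id is reported differently from the `InvalidClient` default set on `fail`, which the other failure paths presumably still return. RFC 6749 section 5.2 lists "no client authentication included" as an example under invalid_client, so a later reader could take this line for a mistake. I would add `// No client id in the request at all: report a malformed request (invalid_request), not a failed authentication`. The assignment also mutates the `fail` instance declared earlier in the method, which is safe only because of the immediate `return fail;`. ValidateAsync continues outside both hunks.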
diff --git a/test/IdentityServer.IntegrationTests/Endpoints/DeviceAuthorization/DeviceAuthorizationTests.cs b/test/IdentityServer.IntegrationTests/Endpoints/DeviceAuthorization/DeviceAuthorizationTests.cs
index 9bb2b2cfe..a70217eed 100644
--- a/test/IdentityServer.IntegrationTests/Endpoints/DeviceAuthorization/DeviceAuthorizationTests.cs
+++ b/test/IdentityServer.IntegrationTests/Endpoints/DeviceAuthorization/DeviceAuthorizationTests.cs
@@ -75,7 +75,7 @@ public async Task wrong_content_type_return_InvalidRequest() [Fact] [Trait("Category", Category)] - public async Task empty_request_should_return_InvalidClient() + public async Task empty_request_should_return_InvalidRequest() { var response = await _mockPipeline.BackChannelClient.PostAsync(IdentityServerPipeline.DeviceAuthorization, new FormUrlEncodedContent(new Dictionary()));
@@ -85,7 +85,7 @@ public async Task empty_request_should_return_InvalidClient() var resultDto = ParseJsonBody(await response.Content.ReadAsStreamAsync()); resultDto.Should().NotBeNull(); - resultDto.error.Should().Be(OidcConstants.TokenErrors.InvalidClient); + resultDto.error.Should().Be(OidcConstants.TokenErrors.InvalidRequest); } [Fact]