diff --git a/oidc_provider/tests/test_token_endpoint.py b/oidc_provider/tests/test_token_endpoint.py
index 8a3ca22..72c1080 100644
--- a/oidc_provider/tests/test_token_endpoint.py
+++ b/oidc_provider/tests/test_token_endpoint.py
@@ -214,6 +214,7 @@ class TokenTestCase(TestCase):
 print(response_dict)
 self.assertEqual(400, response.status_code)
+ self.assertEqual(403, response.status_code)
 self.assertEqual('access_denied', response_dict['error'])
 def test_password_grant_get_access_token_invalid_client_credentials(self):
diff --git a/oidc_provider/views.py b/oidc_provider/views.py
index 1c94d05..b1eb420 100644
--- a/oidc_provider/views.py
+++ b/oidc_provider/views.py
@@ -167,8 +167,10 @@ class TokenView(View):
 return TokenEndpoint.response(dic)
- except (TokenError, UserAuthError) as error:
+ except TokenError as error:
 return TokenEndpoint.response(error.create_dict(), status=400)
+ except UserAuthError as error:
+ return TokenEndpoint.response(error.create_dict(), status=403)
 @require_http_methods(['GET', 'POST'])
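Review bot: The added `self.assertEqual(403, response.status_code)` sits directly after the unchanged `self.assertEqual(400, response.status_code)`, so the test now requires one status code to equal both 400 and 403. Once the view returns 403 it will fail at the first assertion. The hunk header (`-214,6 +214,7`) shows one line added and none removed, so the 400 assertion should be deleted rather than left as context. The `print(response_dict)` debug output above it could be dropped in the same change. The enclosing test method starts outside the hunk.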
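Review bot: The new `except UserAuthError` branch answers a failed end-user authentication with 403, whereas RFC 6749 §5.2 has the token endpoint return 400 for error responses (401 only for `invalid_client`). OAuth clients that only parse the error body on a 400 may mishandle this response. If the 403 is deliberate, record that above the handler, e.g. `# Deliberate deviation from RFC 6749 section 5.2: failed end-user authentication returns 403.` This branch is also where a rejected password-grant login becomes visible, and nothing is logged in the lines shown. A warning-level log entry without the submitted credentials would make bursts of failed logins detectable. The `try` these handlers belong to starts outside the hunk.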