diff --git a/oidc_provider/lib/endpoints/token.py b/oidc_provider/lib/endpoints/token.py
index 5503b4c..cacebd9 100644
--- a/oidc_provider/lib/endpoints/token.py
+++ b/oidc_provider/lib/endpoints/token.py
@@ -168,7 +168,7 @@ class TokenEndpoint(object):
 self.client,
 self.params['scope'].split(' '))
- token.id_token = create_id_token(
+ id_token_dic = create_id_token(
 user=self.user,
 aud=self.client.client_id,
 nonce='self.code.nonce',
@@ -177,12 +177,15 @@ class TokenEndpoint(object):
 scope=self.params['scope'],
 )
+ token.id_token = id_token_dic
 token.save()
+
 return {
 'access_token': token.access_token,
 'refresh_token': token.refresh_token,
 'expires_in': settings.get('OIDC_TOKEN_EXPIRE'),
- 'token_type': 'bearer'
+ 'token_type': 'bearer',
+ 'id_token': encode_id_token(id_token_dic, token.client),
 }
 def create_code_response_dic(self):
diff --git a/oidc_provider/tests/test_token_endpoint.py b/oidc_provider/tests/test_token_endpoint.py
index 72c1080..9c5743e 100644
--- a/oidc_provider/tests/test_token_endpoint.py
+++ b/oidc_provider/tests/test_token_endpoint.py
@@ -213,7 +213,6 @@ class TokenTestCase(TestCase):
 response_dict = json.loads(response.content.decode('utf-8'))
 print(response_dict)
- self.assertEqual(400, response.status_code)
 self.assertEqual(403, response.status_code)
 self.assertEqual('access_denied', response_dict['error'])
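Review bot: The ID token built by this call carries `nonce='self.code.nonce'`, a quoted string literal, so every token gets the constant text `self.code.nonce` as its nonce claim instead of a value taken from a request. That line is unchanged context in the first hunk, but the second hunk returns the encoded token to the client for the first time, so the placeholder becomes visible to relying parties. If this grant has no client-supplied nonce to echo, the claim should be left out rather than filled with a fixed string; how `create_id_token` treats an empty nonce is not visible here and needs confirming. The enclosing method starts and ends outside the hunk.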
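Review bot: The `'id_token'` entry in the returned dict of the second hunk is added unconditionally, so a request whose `scope` parameter does not include `openid` would still receive a signed ID token. OpenID Connect ties the ID token to the `openid` scope. Unless the scope is already checked earlier in this method (which starts outside the hunk), build the response dict first and add the entry only under `if 'openid' in self.params['scope'].split(' '):`. It would also help to add a comment such as `# id_token_dic is stored unsigned on the token; only the response carries the signed JWT` next to `token.id_token = id_token_dic`, since the same dict is now used in two forms.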
@@ -246,14 +245,15 @@ class TokenTestCase(TestCase):
 )
 response_dict = json.loads(response.content.decode('utf-8'))
- expected_response_dic = {
- "access_token": 'fake_token',
- "refresh_token": 'fake_token',
- "expires_in": 120,
- "token_type": "bearer",
- }
+ id_token = JWS().verify_compact(response_dict['id_token'].encode('utf-8'), self._get_keys())
+ print(id_token)
- self.assertDictEqual(expected_response_dic, response_dict)
+ self.assertEqual(response_dict['access_token'], 'fake_token')
+ self.assertEqual(response_dict['refresh_token'], 'fake_token')
+ self.assertEqual(response_dict['expires_in'], 120)
+ self.assertEqual(response_dict['token_type'], 'bearer')
+ self.assertEqual(id_token['sub'], str(self.user.id))
+ self.assertEqual(id_token['aud'], self.client.client_id);
 @override_settings(OIDC_TOKEN_EXPIRE=720)
 def test_authorization_code(self):
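Review bot: Replacing `assertDictEqual` with per-key assertions means the test no longer fails when the token response gains an unexpected field, which matters for an endpoint that hands out credentials. Pinning the key set would restore that, e.g. `self.assertEqual(set(response_dict), {'access_token', 'refresh_token', 'expires_in', 'token_type', 'id_token'})`. The added `print(id_token)` is leftover debug output that writes token claims to the test log and should be dropped, and the final assertion ends with a stray `;`. Verifying the signature with `verify_compact` before reading the claims is a good choice; checking only `sub` and `aud` leaves `iss`, `exp` and the nonce claim uncovered.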