I solved it by make the following changes:

1. set the client to use form encoded body as authentication type (in the OAuth 2.0 setup of the Management Portal)

2. Move the grant_type parameter to the querystring (like https://[oauth-server-adress]/token?grant_type=authorization_code

3. make sure the POST request used form encoded body as content type