diff --git a/src/main/java/org/gcube/oidc/rest/OpenIdConnectRESTHelper.java b/src/main/java/org/gcube/oidc/rest/OpenIdConnectRESTHelper.java
index 93e1676..9b845dd 100644
--- a/src/main/java/org/gcube/oidc/rest/OpenIdConnectRESTHelper.java
+++ b/src/main/java/org/gcube/oidc/rest/OpenIdConnectRESTHelper.java
@@ -102,7 +102,7 @@ public class OpenIdConnectRESTHelper {
 protected static JWTToken performQueryTokenWithPOST(URL tokenURL, String authorization, Map> params) throws OpenIdConnectRESTHelperException {
 return performQueryTokenWithPOST(tokenURL, authorization, params, null);
- }
+ }
 protected static JWTToken performQueryTokenWithPOST(URL tokenURL, String authorization, Map> params, Map headers) throws OpenIdConnectRESTHelperException {
@@ -218,10 +218,11 @@ public class OpenIdConnectRESTHelper {
 logger.info("Queried exchangeToken for context " + audience);
 Map> params = new HashMap<>();
- params.put("subject_token", Arrays.asList("authorization"));
- params.put("grant_type", Arrays.asList("urn:ietf:params:oauth:grant-type:token-exchange"));
+
+ params.put("subject_token", Arrays.asList(authorization));
 params.put("client_id", Arrays.asList(client_id));
 params.put("client_secret", Arrays.asList(client_secret));
+ params.put("grant_type", Arrays.asList("urn:ietf:params:oauth:grant-type:token-exchange"));
 params.put("subject_token_type", Arrays.asList("urn:ietf:params:oauth:token-type:access_token"));
 params.put("requested_token_type", Arrays.asList("urn:ietf:params:oauth:token-type:access_token"));
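Review bot: In the second hunk, `authorization` is now sent verbatim as `subject_token`, yet the last hunk shows the same variable was previously passed as the authorization argument of performQueryTokenWithPOST, so it may still carry a scheme prefix such as `Bearer `. If callers pass the header form, the exchange would be attempted with a malformed token; consider normalising first, e.g. `String subjectToken = authorization.startsWith("Bearer ") ? authorization.substring(7) : authorization;`, and documenting on the method which form is expected. There is also no null check, so a null `authorization`, `client_id` or `client_secret` ends up as a null list element and only fails later inside the helper. The map now holds both the client secret and the user's token, so any logging of `params` in performQueryTokenWithPOST (not visible here) should mask those keys. The enclosing method starts and ends outside this hunk.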
@@ -250,12 +251,12 @@ public class OpenIdConnectRESTHelper {
 }
- Map headers = new HashMap<>();
- headers.put("X-D4Science-Context", audience);
+ // Map headers = new HashMap<>();
+ // headers.put("X-D4Science-Context", audience);
- return performQueryTokenWithPOST(tokenUrl, authorization, params, headers);
+ return performQueryTokenWithPOST(tokenUrl, null, params/*, headers*/);
 }
-
+
 /**
 * Queries from the OIDC server an UMA token, by using provided access token, for the given audience (context),
 * in URLEncoded form or not, and optionally a list of permissions.
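Review bot: The call now passes `null` as the authorization argument, so the request is authenticated only by the `client_id`/`client_secret` form parameters, and nothing in this hunk shows that performQueryTokenWithPOST skips the Authorization header when the value is null. That should be confirmed in the helper, whose body is outside this diff. The commented-out `headers` lines and the inline `/*, headers*/` leave dead code that hides the fact that the `X-D4Science-Context` header is no longer sent. I would delete them and write `return performQueryTokenWithPOST(tokenUrl, null, params);` preceded by `// Client credentials travel in the form body; no Authorization or context header is sent.` Sending the client secret in the body rather than via HTTP Basic is permitted but not the form RFC 6749 recommends, so the choice is worth a sentence in the method's Javadoc.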