diff --git a/simulator.py b/simulator.py
index 496b33c9..30d3d768 100644
--- a/simulator.py
+++ b/simulator.py
@@ -550,18 +550,22 @@ def _get_or_token() -> str:
     if _or_token_cache["token"] and _or_token_cache["expires"] > time.time() + 60:
         return _or_token_cache["token"]
     try:
-        # Utiliser le client openremote avec client secret (service account)
-        data = urllib.parse.urlencode({
-            "grant_type": "client_credentials",
-            "client_id": os.environ.get('OR_CLIENT_ID', 'openremote'),
-            "client_secret": os.environ.get('OR_CLIENT_SECRET', ''),
-        }).encode()
-        req = urllib.request.Request(OR_TOKEN_URL, data=data)
-        with urllib.request.urlopen(req, timeout=5) as resp:
-            result = json.loads(resp.read())
-            _or_token_cache["token"] = result["access_token"]
-            _or_token_cache["expires"] = time.time() + result.get("expires_in", 300)
-            return result["access_token"]
+        # Utiliser HTTP Basic Auth (client_secret_basic)
+        import base64
+        creds = base64.b64encode(f"{os.environ.get('OR_CLIENT_ID')}:{os.environ.get('OR_CLIENT_SECRET')}".encode()).decode()
+        req = urllib.request.Request(
+            OR_TOKEN_URL,
+            data=urllib.parse.urlencode({"grant_type": "client_credentials"}).encode(),
+            headers={
+                "Content-Type": "application/x-www-form-urlencoded",
+                "Authorization": f"Basic {creds}"
+            }
+        )
+        with urllib.request.urlopen(req, timeout=5) as r:
+            token_data = json.loads(r.read().decode())
+            _or_token_cache["token"] = token_data["access_token"]
+            _or_token_cache["expires"] = time.time() + token_data.get("expires_in", 300) - 60
+            return _or_token_cache["token"]
     except Exception as e:
         print(f"  ⚠️  OpenRemote token → {e}")
         return ""