diff --git a/oauth2.go b/oauth2.go
index 8813e22..c23dd4e 100644
--- a/oauth2.go
+++ b/oauth2.go
@@ -175,6 +175,7 @@ func (c *Config) FetchToken(existing *Token) (*Token, error) {
 	}
 	err := c.updateToken(existing, url.Values{
 		"grant_type":    {"refresh_token"},
+		"client_secret": {c.opts.ClientSecret},
 		"refresh_token": {existing.RefreshToken},
 	})
 	return existing, err
diff --git a/oauth2_test.go b/oauth2_test.go
index 1b6a022..bac8656 100644
--- a/oauth2_test.go
+++ b/oauth2_test.go
@@ -65,6 +65,28 @@ func TestExchangePayload(t *testing.T) {
 	conf.Exchange("exchange-code")
 }
 
+func TestRefreshPayload(t *testing.T) {
+	oldDefaultTransport := http.DefaultTransport
+	defer func() {
+		http.DefaultTransport = oldDefaultTransport
+	}()
+	conf := newTestConf()
+	http.DefaultTransport = &mockTransport{
+		rt: func(req *http.Request) (resp *http.Response, err error) {
+			headerContentType := req.Header.Get("Content-Type")
+			if headerContentType != "application/x-www-form-urlencoded" {
+				t.Fatalf("Content-Type header is expected to be application/x-www-form-urlencoded, %v found.", headerContentType)
+			}
+			body, _ := ioutil.ReadAll(req.Body)
+			if string(body) != "client_id=CLIENT_ID&client_secret=CLIENT_SECRET&grant_type=refresh_token&refresh_token=REFRESH_TOKEN" {
+				t.Fatalf("Exchange payload is found to be %v", string(body))
+			}
+			return nil, errors.New("no response")
+		},
+	}
+	conf.FetchToken(&Token{RefreshToken: "REFRESH_TOKEN"})
+}
+
 func TestExchangingTransport(t *testing.T) {
 	oldDefaultTransport := http.DefaultTransport
 	defer func() {