diff --git a/pom.xml b/pom.xml
index 1c67c597b..29fa9ab71 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,7 +53,7 @@
 		<nimbus-jose.version>9.37</nimbus-jose.version>
 		<logback.version>1.4.11</logback.version>
 		<slf4j.version>2.0.9</slf4j.version>
-		<tinyoauth2.version>0.7.0</tinyoauth2.version>
+		<tinyoauth2.version>0.8.0</tinyoauth2.version>
 		<zxcvbn.version>1.8.2</zxcvbn.version>
 
 		<!-- test dependencies -->
diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/AuthFlowTask.java b/src/main/java/org/cryptomator/ui/keyloading/hub/AuthFlowTask.java
index b85e98cd4..766f23932 100644
--- a/src/main/java/org/cryptomator/ui/keyloading/hub/AuthFlowTask.java
+++ b/src/main/java/org/cryptomator/ui/keyloading/hub/AuthFlowTask.java
@@ -1,7 +1,6 @@
 package org.cryptomator.ui.keyloading.hub;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import io.github.coffeelibs.tinyoauth2client.AuthFlow;
 import io.github.coffeelibs.tinyoauth2client.TinyOAuth2;
 import io.github.coffeelibs.tinyoauth2client.http.response.Response;
 
@@ -23,7 +22,7 @@ class AuthFlowTask extends Task<String> {
 	/**
 	 * Spawns a server and waits for the redirectUri to be called.
 	 *
-	 * @param hubConfig Configuration object holding parameters required by {@link AuthFlow}
+	 * @param hubConfig Configuration object holding parameters required by {@link io.github.coffeelibs.tinyoauth2client.AuthorizationCodeGrant}
 	 * @param redirectUriConsumer A callback invoked with the redirectUri, as soon as the server has started
 	 */
 	public AuthFlowTask(HubConfig hubConfig, AuthFlowContext authFlowContext, Consumer<URI> redirectUriConsumer) {
@@ -37,10 +36,10 @@ class AuthFlowTask extends Task<String> {
 		var response = TinyOAuth2.client(hubConfig.clientId) //
 				.withTokenEndpoint(URI.create(hubConfig.tokenEndpoint)) //
 				.withRequestTimeout(Duration.ofSeconds(10)) //
-				.authFlow(URI.create(hubConfig.authEndpoint)) //
+				.authorizationCodeGrant(URI.create(hubConfig.authEndpoint)) //
 				.setSuccessResponse(Response.redirect(URI.create(hubConfig.authSuccessUrl + "&device=" + authFlowContext.deviceId()))) //
 				.setErrorResponse(Response.redirect(URI.create(hubConfig.authErrorUrl + "&device=" + authFlowContext.deviceId()))) //
-				.authorize(redirectUriConsumer);
+				.authorize(HttpClient.newHttpClient(), redirectUriConsumer);
 		if (response.statusCode() != 200) {
 			throw new NotOkResponseException("Authorization returned status code " + response.statusCode());
 		}