diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index a57670e02..e418dc70d 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -212,13 +212,31 @@ def token_exchange(
       {:auth_active, false} ->
         # Per https://github.com/tootsuite/mastodon/blob/
         #   51e154f5e87968d6bb115e053689767ab33e80cd/app/controllers/api/base_controller.rb#L76
-        render_error(conn, :forbidden, "Your login is missing a confirmed e-mail address")
+        render_error(
+          conn,
+          :forbidden,
+          "Your login is missing a confirmed e-mail address",
+          %{},
+          "missing_confirmed_email"
+        )
 
       {:user_active, false} ->
-        render_error(conn, :forbidden, "Your account is currently disabled")
+        render_error(
+          conn,
+          :forbidden,
+          "Your account is currently disabled",
+          %{},
+          "account_is_disabled"
+        )
 
       {:password_reset_pending, true} ->
-        render_error(conn, :forbidden, "Password reset is required")
+        render_error(
+          conn,
+          :forbidden,
+          "Password reset is required",
+          %{},
+          "password_reset_required"
+        )
 
       _error ->
         render_invalid_credentials_error(conn)
diff --git a/lib/pleroma/web/translation_helpers.ex b/lib/pleroma/web/translation_helpers.ex
index 8f5a43bf6..a104ea6b8 100644
--- a/lib/pleroma/web/translation_helpers.ex
+++ b/lib/pleroma/web/translation_helpers.ex
@@ -3,15 +3,27 @@
 # SPDX-License-Identifier: AGPL-3.0-only
 
 defmodule Pleroma.Web.TranslationHelpers do
-  defmacro render_error(conn, status, msgid, bindings \\ Macro.escape(%{})) do
+  defmacro render_error(
+             conn,
+             status,
+             msgid,
+             bindings \\ Macro.escape(%{}),
+             identifier \\ Macro.escape("")
+           ) do
     quote do
       require Pleroma.Web.Gettext
 
+      error_map =
+        %{
+          error: Pleroma.Web.Gettext.dgettext("errors", unquote(msgid), unquote(bindings)),
+          identifier: unquote(identifier)
+        }
+        |> Enum.reject(fn {_k, v} -> v == "" end)
+        |> Map.new()
+
       unquote(conn)
       |> Plug.Conn.put_status(unquote(status))
-      |> Phoenix.Controller.json(%{
-        error: Pleroma.Web.Gettext.dgettext("errors", unquote(msgid), unquote(bindings))
-      })
+      |> Phoenix.Controller.json(error_map)
     end
   end
 end
diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs
index 0cf755806..4d0741d14 100644
--- a/test/web/oauth/oauth_controller_test.exs
+++ b/test/web/oauth/oauth_controller_test.exs
@@ -852,6 +852,7 @@ test "rejects token exchange for user with password_reset_pending set to true" d
       assert resp = json_response(conn, 403)
 
       assert resp["error"] == "Password reset is required"
+      assert resp["identifier"] == "password_reset_required"
       refute Map.has_key?(resp, "access_token")
     end