diff --git a/engines/dfc_provider/app/services/api_user.rb b/engines/dfc_provider/app/services/api_user.rb
index 6f70098258..ffee08b1a4 100644
--- a/engines/dfc_provider/app/services/api_user.rb
+++ b/engines/dfc_provider/app/services/api_user.rb
@@ -36,8 +36,11 @@ class ApiUser
   end
 
   def self.from_client_id(client_id)
-    id = CLIENT_MAP[client_id]
+    # Some tokens contain a short client id:
+    return new(client_id) if PLATFORMS.key?(client_id)
 
+    # Some tokens have a full URI to identify the client:
+    id = CLIENT_MAP[client_id]
     new(id) if id
   end
 
diff --git a/engines/dfc_provider/spec/services/api_user_spec.rb b/engines/dfc_provider/spec/services/api_user_spec.rb
index adc7fe12a6..240e69ac3a 100644
--- a/engines/dfc_provider/spec/services/api_user_spec.rb
+++ b/engines/dfc_provider/spec/services/api_user_spec.rb
@@ -5,6 +5,20 @@ require_relative "../spec_helper"
 RSpec.describe ApiUser do
   subject(:user) { described_class.new("cqcm-dev") }
 
+  describe ".from_client_id" do
+    it "finds by URI" do
+      uri = "https://api.proxy-dev.cqcm.startinblox.com/profile"
+      user = ApiUser.from_client_id(uri)
+      expect(user.id).to eq "cqcm-dev"
+    end
+
+    it "finds by short id" do
+      uri = "lf-dev"
+      user = ApiUser.from_client_id(uri)
+      expect(user.id).to eq "lf-dev"
+    end
+  end
+
   describe "#customers" do
     it "returns nothing" do
       expect(user.customers).to be_empty
diff --git a/engines/dfc_provider/spec/services/authorization_control_spec.rb b/engines/dfc_provider/spec/services/authorization_control_spec.rb
index 9fe3f9e4ca..1b4149674b 100644
--- a/engines/dfc_provider/spec/services/authorization_control_spec.rb
+++ b/engines/dfc_provider/spec/services/authorization_control_spec.rb
@@ -25,6 +25,14 @@ RSpec.describe AuthorizationControl do
       end
     end
 
+    it "accepts a token from FDC" do
+      sib_token = file_fixture("fdc_access_token.jwt").read
+
+      travel_to(Date.parse("2025-06-13")) do
+        expect(auth(oidc_token: sib_token).user.id).to eq "lf-dev"
+      end
+    end
+
     it "finds the right user" do
       create(:oidc_user) # another user
       token = allow_token_for(email: user.email)
diff --git a/spec/fixtures/files/fdc_access_token.jwt b/spec/fixtures/files/fdc_access_token.jwt
new file mode 100644
index 0000000000..c6cb7d7833
--- /dev/null
+++ b/spec/fixtures/files/fdc_access_token.jwt
@@ -0,0 +1 @@
+eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ6MUNyNk1ZT3dtVl8zNUJLMGs1ZFlSUEphUTZ6RWcyZW9oRGgtYVR5N0NVIn0.eyJleHAiOjE3NjI5NzYxNjcsImlhdCI6MTc2Mjk3NTg2NywianRpIjoidHJydGNjOjQzZTI4YzY0LTI2ZjItMmQ5OS0yN2U4LTI1ZDg3N2I5MmMxMCIsImlzcyI6Imh0dHBzOi8vbG9naW4uZm9vZGRhdGFjb2xsYWJvcmF0aW9uLm9yZy51ay9yZWFsbXMvZGV2IiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjFkNjdlODRlLWVkYTgtNDI5Yy05Mjc0LTQ4NTMyNDExODQ4NyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImxmLWRldiIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9hcGkuYmV0YS5saXRlZmFybS5vcmcvIiwiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMS8iXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImRlZmF1bHQtcm9sZXMtZGV2Iiwib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImxmLWRldiI6eyJyb2xlcyI6WyJ1bWFfcHJvdGVjdGlvbiJdfSwiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwiY2xpZW50SG9zdCI6IjEwLjAuMC4yIiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJzZXJ2aWNlLWFjY291bnQtbGYtZGV2IiwiY2xpZW50QWRkcmVzcyI6IjEwLjAuMC4yIiwiY2xpZW50X2lkIjoibGYtZGV2In0.YRro7Djz5YsjpRpgJNo5z4K4fyNTgCMuf4I9AU8iG0pAr7yYe-KUJEhoj6iVvJWTDJ_s-FL8UCZHWu0iaSt6dYl3thwK8vxT5MAjdJMPI9-TMT8AlS4IeJngQYYj72Enys6W1anKGIMO7dgIe7fP4WaCIxHTQqHNmJy7GIW9RnVwz6TmpFFuDxBrryq7Jjvy8BhtqiN4niwAV-oFrZJnSmnjJzKpCnKzeyd2AMDgxf2BXSW671nr3dk-QYcgTlBSa_6OfNzETgNtbpWrcPDhC6oHsLV8rmGO4mnD7Fg0o_f7lLomvocbaEkmXzY2suCpF4J2d-XuitQBhriKFqJMGw