diff --git a/lib/src/core/definitions/security/oauth2_security_scheme.dart b/lib/src/core/definitions/security/oauth2_security_scheme.dart
index c92731bc..99696127 100644
--- a/lib/src/core/definitions/security/oauth2_security_scheme.dart
+++ b/lib/src/core/definitions/security/oauth2_security_scheme.dart
@@ -53,6 +53,8 @@ final class OAuth2SecurityScheme extends SecurityScheme {
     final additionalFields =
         json.parseAdditionalFields(prefixMapping, parsedFields);
 
+    // TODO: Add validation for the different flow-specific assertions
+    //       https://www.w3.org/TR/wot-thing-description11/#oauth2securityscheme
     return OAuth2SecurityScheme(
       flow,
       description: description,
diff --git a/test/core/definitions/serialization_test.dart b/test/core/definitions/serialization_test.dart
index ada93964..4a2ce585 100644
--- a/test/core/definitions/serialization_test.dart
+++ b/test/core/definitions/serialization_test.dart
@@ -190,5 +190,29 @@ void main() {
         dataSchema.toJson(),
       );
     });
+
+    test("OAuth2SecurityScheme", () async {
+      final oAuth2SecuritySchemeJson = {
+        "scheme": "oauth2",
+        "authorization": "https://example.org",
+        "token": "https://example.org",
+        "refresh": "https://example.org",
+        "scopes": ["foo", "bar"],
+        "flow": "code",
+      };
+
+      final parsedFields = {"scheme"};
+
+      final oAuth2SecurityScheme = OAuth2SecurityScheme.fromJson(
+        oAuth2SecuritySchemeJson,
+        PrefixMapping(),
+        parsedFields,
+      );
+
+      expect(
+        oAuth2SecuritySchemeJson,
+        oAuth2SecurityScheme.toJson(),
+      );
+    });
   });
 }