As far as I can determine the OAuth2 Token Endpoint currently always return 200 as response status code - even for errors. This is not in line with the OAuth2 specification that states:
The authorization server responds with an HTTP 400 (Bad Request) status code (unless specified otherwise)
This makes some clients fail to provide reasonable error messages to users/administrators and thus makes troubleshooting a lot harder than necessary.