diff --git a/README.md b/README.md
index 42b606a..ae4107b 100644
--- a/README.md
+++ b/README.md
@@ -83,8 +83,8 @@ services.AddOptions("MyClient").Bind(configuration.Get
 services.AddHttpClient().AddClientCredentialsHandler( /* [...] */);
 ```
-Note on `EnforceHttps`.
-It is possible to allow http authenticated requests, however, this should be limited to exceptional scenarios.
+Note on `EnforceHttps`, which is disabled by default.
+It is possible to allow http authenticated requests, however, this should be limited to specific scenarios, such as intra-cluster communication.
 It is strongly advised that you always use https for authenticated requests transmitted as the token sent will be in clear.
 Then, instantiate the `HttpClient` later on using `IHttpClientFactory` or directly inject it in the constructor if you used the generic registration:
diff --git a/src/Workleap.Authentication.ClientCredentialsGrant.Tests/ClientCredentialsTokenHttpMessageHandlerTests.cs b/src/Workleap.Authentication.ClientCredentialsGrant.Tests/ClientCredentialsTokenHttpMessageHandlerTests.cs
index f9755b3..096396b 100644
--- a/src/Workleap.Authentication.ClientCredentialsGrant.Tests/ClientCredentialsTokenHttpMessageHandlerTests.cs
+++ b/src/Workleap.Authentication.ClientCredentialsGrant.Tests/ClientCredentialsTokenHttpMessageHandlerTests.cs
@@ -54,7 +54,6 @@ public async Task Throws_ClientCredentialsException_When_Http_By_Default()
     [Fact]
     public async Task SendAsync_When_EnforceHttps_False_For_Http_Requests()
     {
-        this._options.EnforceHttps = false;
         this._mockPrimaryHttpMessageHandler.ExpectedHttpResponseMessages = new[]
         {
             new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent("Access granted on first try") },
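Review bot: Dropping `this._options.EnforceHttps = false;` makes this test depend on the option's default value, and the README hunk in the same commit now states that `EnforceHttps` is disabled by default, so the test only passes while that default stays false even though its name still claims to cover the explicit `EnforceHttps == false` case. Keep the assignment, or pin the assumption so a future default change fails here instead of silently changing what is tested: `Assert.False(this._options.EnforceHttps, "test relies on EnforceHttps defaulting to false");`. The neighbouring test `Throws_ClientCredentialsException_When_Http_By_Default`, visible only in the hunk header, reads as though http is rejected by default, which contradicts a false default; if its body was not updated in this commit, either its name or the README note is now stale. From a security standpoint a default that lets bearer tokens go out over plaintext http is the riskier choice, so if the default really did flip it deserves a breaking-change note and ideally a warning log when an authenticated request is sent over http; the handler is not visible from this hunk, so treat that as something to confirm. The test method continues past the end of the hunk.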