diff --git a/ChangeLog b/ChangeLog
index 83f5c837..411c528d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
 10/25/2023
 - do not apply logout_on_error and authenticate_on_error when a parallel refresh token request is detected
 see https://github.com/OpenIDC/mod_auth_openidc/discussions/1132; thanks @esunke
+- add backwards compatibility option to allow parallel refresh token requests using envvar OIDC_PARALLEL_REFRESH_ALLOWED
 - bump to 2.4.14.5rc0
 
 10/12/2023
diff --git a/src/mod_auth_openidc.c b/src/mod_auth_openidc.c
index 962b4797..00743a20 100644
--- a/src/mod_auth_openidc.c
+++ b/src/mod_auth_openidc.c
@@ -1058,6 +1058,8 @@ static void oidc_store_userinfo_claims(request_rec *r, oidc_cfg *c,
 #define OIDC_REFRESH_ERROR_GENERAL 2
 #define OIDC_REFRESH_ERROR_PARALLEL_REFRESH 3
 
+#define OIDC_PARALLEL_REFRESH_ALLOWED_ENVVAR "OIDC_PARALLEL_REFRESH_ALLOWED"
+
 /*
 * execute refresh token grant to refresh the existing access token
 */
@@ -1094,8 +1096,11 @@ static apr_byte_t oidc_refresh_token_grant(request_rec *r, oidc_cfg *c,
 if (value != NULL) {
 oidc_warn(r, "refresh token routine called but existing parallel refresh is in progress");
- *error_code = OIDC_REFRESH_ERROR_PARALLEL_REFRESH;
- goto end;
+ if (apr_table_get(r->subprocess_env,
+ OIDC_PARALLEL_REFRESH_ALLOWED_ENVVAR) == NULL) {
+ *error_code = OIDC_REFRESH_ERROR_PARALLEL_REFRESH;
+ goto end;
+ }
 }
 // "lock" the refresh token best effort; this does not work failsafe in a clustered setup...
 oidc_cache_set_refresh_token(r, refresh_token, refresh_token,
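Review bot: The new OIDC_PARALLEL_REFRESH_ALLOWED_ENVVAR define in the first src/mod_auth_openidc.c hunk has no comment saying what the variable switches or how it is set, so a reader of this block of defines cannot tell it is a compatibility escape hatch rather than a normal configuration knob. The only consumer on this page tests `apr_table_get(r->subprocess_env, OIDC_PARALLEL_REFRESH_ALLOWED_ENVVAR) == NULL`, so mere presence of the name in the request environment (any value, including empty, e.g. via httpd's `SetEnv`/`SetEnvIf`) re-enables the old behaviour; that deserves to be stated next to the define, together with the fact that the "lock" set a few lines later is explicitly best effort and so does not protect the concurrent refresh this switch allows. I would add above the define: `/* Compatibility switch: when present in r->subprocess_env (any value), a refresh detected while another refresh of the same token is in progress proceeds instead of failing with OIDC_REFRESH_ERROR_PARALLEL_REFRESH; restores the pre-2.4.14.5 behaviour, unprotected by the best-effort refresh token lock. */`. The function that reads the variable, oidc_refresh_token_grant, starts and ends outside the second hunk.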