diff --git a/internal/api/token.go b/internal/api/token.go
index 52729ac4b..2f6f9e3b2 100644
--- a/internal/api/token.go
+++ b/internal/api/token.go
@@ -117,29 +117,27 @@ func (a *API) ResourceOwnerPasswordGrant(ctx context.Context, w http.ResponseWri
 
 	grantParams.FillGrantParams(r)
 
-	switch {
-	case params.Email != "" && config.External.Email.Enabled:
+	if params.Email != "" {
 		provider = "email"
+		if !config.External.Email.Enabled {
+			return badRequestError("Email logins are disabled")
+		}
 		user, err = models.FindUserByEmailAndAudience(db, params.Email, aud)
-
-	case params.Phone != "" && config.External.Phone.Enabled:
+	} else if params.Phone != "" {
 		provider = "phone"
+		if !config.External.Phone.Enabled {
+			return badRequestError("Phone logins are disabled")
+		}
 		params.Phone = formatPhoneNumber(params.Phone)
 		user, err = models.FindUserByPhoneAndAudience(db, params.Phone, aud)
-
-	case !config.External.Email.Enabled:
-		return badRequestError("Email logins are disabled")
-
-	case !config.External.Phone.Enabled:
-		return badRequestError("Phone logins are disabled")
-
-	default:
+	} else {
 		return oauthError("invalid_grant", InvalidLoginMessage)
 	}
 
-	if err != nil && models.IsNotFoundError(err) {
-		return oauthError("invalid_grant", InvalidLoginMessage)
-	} else if err != nil {
+	if err != nil {
+		if models.IsNotFoundError(err) {
+			return oauthError("invalid_grant", InvalidLoginMessage)
+		}
 		return internalServerError("Database error querying schema").WithInternalError(err)
 	}