diff --git a/src/authorization-request/URI.ts b/src/authorization-request/URI.ts
index 14d9e121..20e092b6 100644
--- a/src/authorization-request/URI.ts
+++ b/src/authorization-request/URI.ts
@@ -229,7 +229,7 @@ export class URI implements AuthorizationRequestURI {
       throw Error(SIOPErrors.BAD_PARAMS);
     }
     // We strip the uri scheme before passing it to the decode function
-    const scheme: string = uri.match(/^([a-zA-Z-_]+:\/\/)/g)[0];
+    const scheme: string = uri.match(/^([a-zA-Z][a-zA-Z0-9-_]*:\/\/)/g)[0];
     const authorizationRequestPayload = decodeUriAsJson(uri) as AuthorizationRequestPayload;
     return { scheme, authorizationRequestPayload };
   }
diff --git a/src/helpers/Encodings.ts b/src/helpers/Encodings.ts
index d5171a85..d0511d4d 100644
--- a/src/helpers/Encodings.ts
+++ b/src/helpers/Encodings.ts
@@ -8,7 +8,7 @@ export function decodeUriAsJson(uri: string) {
   if (!uri) {
     throw new Error(SIOPErrors.BAD_PARAMS);
   }
-  const queryString = uri.replace(/^([a-zA-Z-_]+:\/\/[?]?)/g, '');
+  const queryString = uri.replace(/^([a-zA-z][a-zA-Z0-9-_]*:\/\/[?]?)/g, '');
   if (!queryString) {
     throw new Error(SIOPErrors.BAD_PARAMS);
   }