diff --git a/src/appdb.js b/src/appdb.js
index 8a90858e0..50eca59cb 100644
--- a/src/appdb.js
+++ b/src/appdb.js
@@ -59,7 +59,8 @@ var assert = require('assert'),
 
 var APPS_FIELDS_PREFIXED = [ 'apps.id', 'apps.appStoreId', 'apps.installationState', 'apps.installationProgress', 'apps.runState',
     'apps.health', 'apps.containerId', 'apps.manifestJson', 'apps.httpPort', 'apps.location', 'apps.dnsRecordId',
-    'apps.accessRestrictionJson', 'apps.lastBackupId', 'apps.oldConfigJson', 'apps.memoryLimit', 'apps.altDomain', 'apps.xFrameOptions' ].join(',');
+    'apps.accessRestrictionJson', 'apps.lastBackupId', 'apps.oldConfigJson', 'apps.memoryLimit', 'apps.altDomain',
+    'apps.xFrameOptions', 'apps.oauthProxy' ].join(',');
 
 var PORT_BINDINGS_FIELDS = [ 'hostPort', 'environmentVariable', 'appId' ].join(',');
 
diff --git a/src/apptask.js b/src/apptask.js
index 4025a69dd..7d251b36f 100644
--- a/src/apptask.js
+++ b/src/apptask.js
@@ -159,7 +159,7 @@ function allocateOAuthProxyCredentials(app, callback) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    if (!nginx.requiresOAuthProxy(app)) return callback(null);
+    if (!app.oauthProxy) return callback(null);
 
     debugApp(app, 'Creating oauth proxy credentials');
 
diff --git a/src/nginx.js b/src/nginx.js
index 18de4c904..0aa7cbdd9 100644
--- a/src/nginx.js
+++ b/src/nginx.js
@@ -11,7 +11,6 @@ var assert = require('assert'),
     shell = require('./shell.js');
 
 exports = module.exports = {
-    requiresOAuthProxy: requiresOAuthProxy,
     configureAdmin: configureAdmin,
     configureApp: configureApp,
     unconfigureApp: unconfigureApp,
@@ -21,18 +20,6 @@ exports = module.exports = {
 var NGINX_APPCONFIG_EJS = fs.readFileSync(__dirname + '/../setup/start/nginx/appconfig.ejs', { encoding: 'utf8' }),
     RELOAD_NGINX_CMD = path.join(__dirname, 'scripts/reloadnginx.sh');
 
-function requiresOAuthProxy(app) {
-    assert.strictEqual(typeof app, 'object');
-
-    var tmp = app.accessRestriction;
-
-    // if no accessRestriction set, or the app uses one of the auth modules, we do not need the oauth proxy
-    if (tmp === null) return false;
-    if (app.manifest.addons['ldap'] || app.manifest.addons['oauth'] || app.manifest.addons['simpleauth']) return false;
-
-    return true;
-}
-
 function configureAdmin(certFilePath, keyFilePath, callback) {
     assert.strictEqual(typeof certFilePath, 'string');
     assert.strictEqual(typeof keyFilePath, 'string');
@@ -62,7 +49,7 @@ function configureApp(app, certFilePath, keyFilePath, callback) {
     assert.strictEqual(typeof callback, 'function');
 
     var sourceDir = path.resolve(__dirname, '..');
-    var oauthProxy = requiresOAuthProxy(app);
+    var oauthProxy = app.oauthProxy;
     var endpoint = oauthProxy ? 'oauthproxy' : 'app';
     var vhost = app.altDomain || config.appFqdn(app.location);