diff --git a/migrations/schema.sql b/migrations/schema.sql
index 94860f93f..b05b4d3e0 100644
--- a/migrations/schema.sql
+++ b/migrations/schema.sql
@@ -50,7 +50,7 @@ CREATE TABLE IF NOT EXISTS tokens(
 
 CREATE TABLE IF NOT EXISTS clients(
     id VARCHAR(128) NOT NULL UNIQUE, // prefixed with cid- to identify token easily in auth routes
-    appId VARCHAR(128) NOT NULL,
+    appId VARCHAR(128) NOT NULL,     // name of the client (for external apps) or id of app (for built-in apps)
     type VARCHAR(16) NOT NULL,
     clientSecret VARCHAR(512) NOT NULL,
     redirectURI VARCHAR(512) NOT NULL,
diff --git a/src/clients.js b/src/clients.js
index 46b191aad..8378c0b0d 100644
--- a/src/clients.js
+++ b/src/clients.js
@@ -68,7 +68,7 @@ ClientsError.NOT_FOUND = 'Not found';
 ClientsError.INTERNAL_ERROR = 'Internal Error';
 ClientsError.NOT_ALLOWED = 'Not allowed to remove this client';
 
-function validateName(name) {
+function validateClientName(name) {
     assert.strictEqual(typeof name, 'string');
 
     if (name.length < 1) return new ClientsError(ClientsError.BAD_FIELD, 'Name must be atleast 1 character');
@@ -89,7 +89,7 @@ function add(appId, type, redirectURI, scope, callback) {
     var error = accesscontrol.validateScopeString(scope);
     if (error) return callback(new ClientsError(ClientsError.INVALID_SCOPE, error.message));
 
-    error = validateName(appId);
+    error = validateClientName(appId);
     if (error) return callback(error);
 
     var id = 'cid-' + uuid.v4();