diff --git a/src/oidc.js b/src/oidc.js index 55da24017..275d2239c 100644 --- a/src/oidc.js +++ b/src/oidc.js @@ -6,13 +6,12 @@ exports = module.exports = { revokeByUserId, getUserByAuthCode, consumeAuthCode, - clients: { - add: clientsAdd, - get: clientsGet, - del: clientsDel, - update: clientsUpdate, - list: clientsList - } + + addClient, + getClient, + delClient, + updateClient, + listClients }; const assert = require('assert'), @@ -66,7 +65,7 @@ function postProcess(result) { return result; } -async function clientsAdd(id, data) { +async function addClient(id, data) { assert.strictEqual(typeof id, 'string'); assert.strictEqual(typeof data.secret, 'string'); assert.strictEqual(typeof data.loginRedirectUri, 'string'); @@ -82,7 +81,7 @@ async function clientsAdd(id, data) { if (error) throw error; } -async function clientsGet(id) { +async function getClient(id) { assert.strictEqual(typeof id, 'string'); if (id === tokens.ID_WEBADMIN) { @@ -112,7 +111,7 @@ async function clientsGet(id) { return postProcess(result[0]); } -async function clientsUpdate(id, data) { +async function updateClient(id, data) { assert.strictEqual(typeof id, 'string'); assert.strictEqual(typeof data.loginRedirectUri, 'string'); assert.strictEqual(typeof data.name, 'string'); @@ -123,14 +122,14 @@ async function clientsUpdate(id, data) { if (result.affectedRows !== 1) throw new BoxError(BoxError.NOT_FOUND, 'client not found'); } -async function clientsDel(id) { +async function delClient(id) { assert.strictEqual(typeof id, 'string'); const result = await database.query(`DELETE FROM ${OIDC_CLIENTS_TABLE_NAME} WHERE id = ?`, [ id ]); if (result.affectedRows !== 1) throw new BoxError(BoxError.NOT_FOUND, 'client not found'); } -async function clientsList() { +async function listClients() { const results = await database.query(`SELECT * FROM ${OIDC_CLIENTS_TABLE_NAME} ORDER BY name ASC`, []); results.forEach(postProcess); 
@@ -295,7 +294,7 @@ class CloudronAdapter { debug(`[${this.name}] find: ${id}`); if (this.name === 'Client') { - const [error, client] = await safe(clientsGet(id)); + const [error, client] = await safe(getClient(id)); if (error) { debug('find: error getting client', error); return null; @@ -474,7 +473,7 @@ function renderInteractionPage(provider) { try { const { uid, prompt, params, session } = await provider.interactionDetails(req, res); - const client = await clientsGet(params.client_id); + const client = await getClient(params.client_id); let app = null; if (client.appId) app = await apps.get(client.appId); @@ -635,7 +634,7 @@ function interactionConfirm(provider) { assert.equal(name, 'consent'); - const client = await clientsGet(params.client_id); + const client = await getClient(params.client_id); const user = await users.get(accountId); // Check if user has access to the app if client refers to an app diff --git a/src/routes/oidc.js b/src/routes/oidc.js index 2b4a827c2..bc09c8a71 100644 --- a/src/routes/oidc.js +++ b/src/routes/oidc.js @@ -1,13 +1,12 @@ 'use strict'; exports = module.exports = { - clients: { - get, - list, - add, - update, - del - }, + + addClient, + listClients, + getClient, + updateClient, + delClient, destroyUserSession }; @@ -21,7 +20,7 @@ const assert = require('assert'), safe = require('safetydance'), tokens = require('../tokens.js'); -async function add(req, res, next) { +async function addClient(req, res, next) { assert.strictEqual(typeof req.body, 'object'); if (typeof req.body.name !== 'string' || !req.body.name) return next(new HttpError(400, 'name must be non-empty string')); @@ -40,7 +39,7 @@ async function add(req, res, next) { loginRedirectUri: req.body.loginRedirectUri }; - const [error] = await safe(oidc.clients.add(clientId, data)); + const [error] = await safe(oidc.addClient(clientId, data)); if (error) return next(BoxError.toHttpError(error)); data.id = clientId; 
@@ -48,10 +47,10 @@ async function add(req, res, next) { next(new HttpSuccess(201, data)); } -async function get(req, res, next) { +async function getClient(req, res, next) { assert.strictEqual(typeof req.params.clientId, 'string'); - const [error, client] = await safe(oidc.clients.get(req.params.clientId)); + const [error, client] = await safe(oidc.getClient(req.params.clientId)); if (error) return next(BoxError.toHttpError(error)); if (!client) return next(new HttpError(404, 'OpenID connect client not found')); if (client.appId) return next(new HttpError(422, 'OpenID connect client from an internal app')); @@ -59,7 +58,7 @@ async function get(req, res, next) { next(new HttpSuccess(200, client)); } -async function update(req, res, next) { +async function updateClient(req, res, next) { assert.strictEqual(typeof req.params.clientId, 'string'); assert.strictEqual(typeof req.body, 'object'); @@ -67,7 +66,7 @@ async function update(req, res, next) { if (typeof req.body.loginRedirectUri !== 'string' || !req.body.loginRedirectUri) return next(new HttpError(400, 'loginRedirectUri must be non-empty string')); if (req.body.tokenSignatureAlgorithm !== 'EdDSA' && req.body.tokenSignatureAlgorithm !== 'RS256') return next(new HttpError(400, 'tokenSignatureAlgorithm must be either EdDSA or RS256')); - const [error, client] = await safe(oidc.clients.get(req.params.clientId)); + const [error, client] = await safe(oidc.getClient(req.params.clientId)); if (error) return next(BoxError.toHttpError(error)); if (!client) return next(new HttpError(404, 'OpenID connect client not found')); if (client.appId) return next(new HttpError(422, 'OpenID connect client from an internal app')); 
@@ -79,28 +78,28 @@ async function update(req, res, next) { loginRedirectUri: req.body.loginRedirectUri }; - const [updateError] = await safe(oidc.clients.update(req.params.clientId, data)); + const [updateError] = await safe(oidc.updateClient(req.params.clientId, data)); if (updateError) return next(BoxError.toHttpError(updateError)); next(new HttpSuccess(201, {})); } -async function list(req, res, next) { - const [error, result] = await safe(oidc.clients.list()); +async function listClients(req, res, next) { + const [error, result] = await safe(oidc.listClients()); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, { clients: result.filter(client => !client.appId) })); } -async function del(req, res, next) { +async function delClient(req, res, next) { assert.strictEqual(typeof req.params.clientId, 'string'); - const [error, client] = await safe(oidc.clients.get(req.params.clientId)); + const [error, client] = await safe(oidc.oidc.getClient(req.params.clientId)); if (error) return next(BoxError.toHttpError(error)); if (!client) return next(new HttpError(404, 'OpenID connect client not found')); if (client.appId) return next(new HttpError(422, 'OpenID connect client from an internal app')); - const [delError] = await safe(oidc.clients.del(req.params.clientId)); + const [delError] = await safe(oidc.delClient(req.params.clientId)); if (delError) return next(BoxError.toHttpError(delError)); next(new HttpSuccess(204)); diff --git a/src/server.js b/src/server.js index 120f15849..6cd22c3e6 100644 --- a/src/server.js +++ b/src/server.js 
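Review bot: In `delClient` the renamed lookup reads `oidc.oidc.getClient(req.params.clientId)`, but the export list visible in src/oidc.js puts `getClient` at the top level and shows no `oidc` member. Assuming `oidc` here is that module, `oidc.oidc` is `undefined`, so the expression throws a TypeError while the argument is evaluated, before `safe()` can capture it. The handler then rejects instead of calling `next(...)`, so `DELETE /api/v1/oidc/clients/:clientId` never reaches `oidc.delClient` and an admin cannot remove a client registration, for instance to retire a client whose secret is no longer trusted. The line should match the other handlers in this file: `const [error, client] = await safe(oidc.getClient(req.params.clientId));`. A route test that deletes a client would catch this kind of rename slip; the end of `delClient` lies outside the hunk.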
@@ -420,11 +420,11 @@ async function initializeExpressSync() { router.get ('/well-known-handler/*', routes.wellknown.get); // OpenID connect clients - router.get ('/api/v1/oidc/clients', token, authorizeAdmin, routes.oidc.clients.list); - router.post('/api/v1/oidc/clients', json, token, authorizeAdmin, routes.oidc.clients.add); - router.get ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.clients.get); - router.post('/api/v1/oidc/clients/:clientId', json, token, authorizeAdmin, routes.oidc.clients.update); - router.del ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.clients.del); + router.get ('/api/v1/oidc/clients', token, authorizeAdmin, routes.oidc.listClients); + router.post('/api/v1/oidc/clients', json, token, authorizeAdmin, routes.oidc.addClient); + router.get ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.getClient); + router.post('/api/v1/oidc/clients/:clientId', json, token, authorizeAdmin, routes.oidc.updateClient); + router.del ('/api/v1/oidc/clients/:clientId', token, authorizeAdmin, routes.oidc.delClient); // OpenID connect sessions router.del ('/api/v1/oidc/sessions', token, authorizeUser, routes.oidc.destroyUserSession);