diff --git a/internal/new.go b/internal/new.go
index 7e3e35c..2799d88 100644
--- a/internal/new.go
+++ b/internal/new.go
@@ -94,6 +94,7 @@ func NewServerWithConfig(conf *Config) *server.Server {
 Host: conf.Server.Issuer.Host,
 Port: conf.Server.Issuer.Port,
 Endpoints: conf.Server.Issuer.Endpoints,
+ Clients: conf.Server.Issuer.Clients,
 },
 }
 return server
diff --git a/internal/oidc/oidc.go b/internal/oidc/oidc.go
index 206f68f..f52e0c4 100644
--- a/internal/oidc/oidc.go
+++ b/internal/oidc/oidc.go
@@ -175,7 +175,6 @@ func UpdateEndpoints(eps *Endpoints, other *Endpoints) {
 if ep != nil {
 if *ep == "" {
 *ep = s
- fmt.Printf("updated %s\n", s)
 }
 }
 }
diff --git a/internal/server/idp.go b/internal/server/idp.go
index e7fea40..bb82a28 100644
--- a/internal/server/idp.go
+++ b/internal/server/idp.go
@@ -49,8 +49,8 @@ func (s *Server) StartIdentityProvider() error {
 // update endpoints that have values set
 defaultEps := oidc.Endpoints{
- Authorization: "http://" + s.Addr + "/oauth/authorize",
- Token: "http://" + s.Addr + "/oauth/token",
+ Authorization: "http://" + s.Addr + "/oauth2/authorize",
+ Token: "http://" + s.Addr + "/oauth2/token",
 JwksUri: "http://" + s.Addr + "/.well-known/jwks.json",
 }
 oidc.UpdateEndpoints(&s.Issuer.Endpoints, &defaultEps)
@@ -266,9 +266,13 @@ func (s *Server) StartIdentityProvider() error {
 return
 }
- // check that we're using the default registered client
- if clientId != "ochami" {
- fmt.Printf("invalid client\n")
+ // find a valid client
+ index := slices.IndexFunc(s.Issuer.Clients, func(c RegisteredClient) bool {
+ fmt.Printf("%s ? %s\n", c.Id, clientId)
+ return c.Id == clientId
+ })
+ if index < 0 {
+ fmt.Printf("no valid client found")
 return
 }
diff --git a/internal/server/server.go b/internal/server/server.go
index 30eac4d..16b7b51 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
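Review bot: The rewritten Authorization and Token defaults still hardcode the `http://` scheme, so unless TLS is terminated in front of s.Addr the authorization code and the tokens issued at /oauth2/token travel in the clear; consider deriving the scheme from configuration (next to Issuer.Host and Issuer.Port, which already come from config) rather than a literal. The path rename also has to match wherever the /oauth2/authorize and /oauth2/token handlers are registered, which this hunk does not show. StartIdentityProvider starts before and continues after this hunk.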
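Review bot: The predicate passed to slices.IndexFunc prints `c.Id` against the request-supplied `clientId` for every registered client on every authorization request, so the full list of registered client ids plus unvalidated request input ends up on stdout; the lookup should be just `return c.Id == clientId` with the Printf dropped (or gated behind a verbose flag, if one is reachable here). The replacement message `"no valid client found"` also lost the trailing `\n` the old message had. Whether the matched `s.Issuer.Clients[index]` is then used to check the request's redirect_uri against that client's registered values is outside the hunk; the old single-client check did not do it either, but with a configurable client list that check is what makes the lookup meaningful. StartIdentityProvider starts before and ends after this hunk.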
@@ -57,7 +57,7 @@ func (s *Server) StartLogin(clients []oauth.Client, params ServerParams) error {
 // make the login page SSO buttons and authorization URLs to write to stdout
 buttons := ""
- fmt.Printf("Login with external identity providers: \n")
+ fmt.Printf("Login with an identity provider: \n")
 for i, client := range clients {
 // fetch provider configuration before adding button
 p, err := oidc.FetchServerConfig(client.Provider.Issuer)
@@ -74,8 +74,7 @@ func (s *Server) StartLogin(clients []oauth.Client, params ServerParams) error {
 clients[i].Provider = *p
 buttons += makeButton(fmt.Sprintf("/login?sso=%s", client.Id), client.Name)
- url := client.BuildAuthorizationUrl(s.State)
- fmt.Printf("\t%s\n", url)
+ fmt.Printf("\t%s: /login?sso=%s\n", client.Name, client.Id)
 }
 var code string
@@ -115,7 +114,9 @@ func (s *Server) StartLogin(clients []oauth.Client, params ServerParams) error {
 client = &clients[index]
 url := client.BuildAuthorizationUrl(s.State)
- fmt.Printf("Redirect URL: %s\n", url)
+ if params.Verbose {
+ fmt.Printf("Redirect URL: %s\n", url)
+ }
 http.Redirect(w, r, url, http.StatusFound)
 return
 }
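Review bot: Gating the print on `params.Verbose` still writes the full authorization URL, including the state value built from `s.State`, to stdout whenever verbose is on, so that value lands in whatever captures the process output; printing `client.Name` (or the issuer) instead of `url` keeps the verbose line useful without it. Separately, `s.State` is a field on the server rather than something minted for this login request — if it is a single long-lived value (its lifecycle is outside this hunk), the state parameter does not bind the provider callback to the session that started it, which is the check it exists for. StartLogin starts before this hunk and appears to continue past the closing brace shown.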