diff --git a/src/Controller/OAuthLoginController.php b/src/Controller/OAuthLoginController.php
index 0e3fec5..c0d226a 100644
--- a/src/Controller/OAuthLoginController.php
+++ b/src/Controller/OAuthLoginController.php
@@ -89,7 +89,7 @@ class OAuthLoginController
     {
         $oAuthTokenRepository = new OAuthTokenRepository();
         $userRepository = new UserRepository();
-        $token = $oAuthTokenRepository->getByCode($this->request->query('code'));
+        $token = $oAuthTokenRepository->getByCode($this->request->post('code'));
 
         if ($token === null || $token->getExpiresDate() < new DateTime()) {
             return new JsonContent([
diff --git a/web.php b/web.php
index ac60ae3..4de9e66 100644
--- a/web.php
+++ b/web.php
@@ -23,8 +23,8 @@ Container::$routeCollection->group('login', function (SokoWeb\Routing\RouteColle
 Container::$routeCollection->group('oauth', function (SokoWeb\Routing\RouteCollection $routeCollection) {
     $routeCollection->get('oauth-start', 'start', [RVR\Controller\OAuthLoginController::class, 'startOauth']);
     $routeCollection->get('oauth-finish', 'finish', [RVR\Controller\OAuthLoginController::class, 'finishOauth']);
-    $routeCollection->get('oauth-getToken', 'getToken', [RVR\Controller\OAuthLoginController::class, 'getToken']);
-    $routeCollection->get('oauth-getJwtPublicKey', 'getJwtPublicKey', [RVR\Controller\OAuthLoginController::class, 'getJwtPublicKey']);
+    $routeCollection->post('oauth-token', 'token', [RVR\Controller\OAuthLoginController::class, 'getToken']);
+    $routeCollection->get('oauth-jwtPublicKey', 'jwtPublicKey', [RVR\Controller\OAuthLoginController::class, 'getJwtPublicKey']);
 });
 Container::$routeCollection->group('password', function (SokoWeb\Routing\RouteCollection $routeCollection) {
     $routeCollection->get('password-requestReset', 'requestReset', [RVR\Controller\LoginController::class, 'getRequestPasswordResetForm']);