diff --git a/endpoints/publicProxy/config.go b/endpoints/publicProxy/config.go
index 02843465..f917669d 100644
--- a/endpoints/publicProxy/config.go
+++ b/endpoints/publicProxy/config.go
@@ -18,11 +18,10 @@ type Config struct {
 }
 
 type OauthConfig struct {
-	Host        string
-	Port        int
-	RedirectUrl string
-	HashKeyRaw  string `cf:"+secret"`
-	Providers   []*OauthProviderConfig
+	RedirectHost string
+	RedirectPort int
+	HashKeyRaw   string `cf:"+secret"`
+	Providers    []*OauthProviderConfig
 }
 
 func (oc *OauthConfig) GetProvider(name string) *OauthProviderConfig {
@@ -65,6 +64,6 @@ func configureOauthHandlers(ctx context.Context, cfg *Config, tls bool) error {
 	if err := configureGithubOauth(cfg.Oauth, tls); err != nil {
 		return err
 	}
-	zhttp.StartServer(ctx, fmt.Sprintf("%s:%d", strings.Split(cfg.Address, ":")[0], cfg.Oauth.Port))
+	zhttp.StartServer(ctx, fmt.Sprintf("%s:%d", strings.Split(cfg.Address, ":")[0], cfg.Oauth.RedirectPort))
 	return nil
 }
diff --git a/endpoints/publicProxy/github.go b/endpoints/publicProxy/github.go
index 61712907..96da339a 100644
--- a/endpoints/publicProxy/github.go
+++ b/endpoints/publicProxy/github.go
@@ -34,12 +34,11 @@ func configureGithubOauth(cfg *OauthConfig, tls bool) error {
 	}
 	clientID := providerCfg.ClientId
 	callbackPath := "/github/oauth"
-	port := cfg.Port
-	redirectUrl := fmt.Sprintf("%s://%s", scheme, cfg.RedirectUrl)
+	redirectUrl := fmt.Sprintf("%s://%s", scheme, cfg.RedirectHost)
 	rpConfig := &oauth2.Config{
 		ClientID:     clientID,
 		ClientSecret: providerCfg.ClientSecret,
-		RedirectURL:  fmt.Sprintf("%v:%v%v", redirectUrl, port, callbackPath),
+		RedirectURL:  fmt.Sprintf("%v:%v%v", redirectUrl, cfg.RedirectPort, callbackPath),
 		Scopes:       []string{"user:email"},
 		Endpoint:     githubOAuth.Endpoint,
 	}
diff --git a/endpoints/publicProxy/google.go b/endpoints/publicProxy/google.go
index c42960e8..11918fca 100644
--- a/endpoints/publicProxy/google.go
+++ b/endpoints/publicProxy/google.go
@@ -35,12 +35,11 @@ func configureGoogleOauth(cfg *OauthConfig, tls bool) error {
 
 	clientID := providerCfg.ClientId
 	callbackPath := "/google/oauth"
-	port := cfg.Port
-	redirectUrl := fmt.Sprintf("%s://%s", scheme, cfg.RedirectUrl)
+	redirectUrl := fmt.Sprintf("%s://%s", scheme, cfg.RedirectHost)
 	rpConfig := &oauth2.Config{
 		ClientID:     clientID,
 		ClientSecret: providerCfg.ClientSecret,
-		RedirectURL:  fmt.Sprintf("%v:%v%v", redirectUrl, port, callbackPath),
+		RedirectURL:  fmt.Sprintf("%v:%v%v", redirectUrl, cfg.RedirectPort, callbackPath),
 		Scopes:       []string{"https://www.googleapis.com/auth/userinfo.email"},
 		Endpoint:     googleOauth.Endpoint,
 	}
diff --git a/endpoints/publicProxy/http.go b/endpoints/publicProxy/http.go
index dcd1154f..9c9fa518 100644
--- a/endpoints/publicProxy/http.go
+++ b/endpoints/publicProxy/http.go
@@ -348,7 +348,7 @@ func basicAuthRequired(w http.ResponseWriter, realm string) {
 }
 
 func oauthLoginRequired(w http.ResponseWriter, r *http.Request, shrToken string, pcfg *Config, provider, target string, authCheckInterval time.Duration) {
-	http.Redirect(w, r, fmt.Sprintf("http://%s.%s:%d/%s/login?targethost=%s&checkInterval=%s", shrToken, pcfg.Oauth.Host, pcfg.Oauth.Port, provider, url.QueryEscape(target), authCheckInterval.String()), http.StatusFound)
+	http.Redirect(w, r, fmt.Sprintf("http://%s.%s:%d/%s/login?targethost=%s&checkInterval=%s", shrToken, pcfg.Oauth.RedirectHost, pcfg.Oauth.RedirectPort, provider, url.QueryEscape(target), authCheckInterval.String()), http.StatusFound)
 }
 
 func resolveService(hostMatch string, host string) string {
diff --git a/etc/frontend.yml b/etc/frontend.yml
index a088481b..a7d15b31 100644
--- a/etc/frontend.yml
+++ b/etc/frontend.yml
@@ -5,8 +5,8 @@
 #host_match: zrok.io
 
 #oauth:
-#  port: 28080
-#  redirect_url: zrok.io
+#  redirect_host: zrok.io
+#  redirect_port: 28080
 #  hash_key_raw: "test1234test1234"
 #  providers:
 #    - name: google