diff --git a/routers/api/v1/admin/auth_oauth.go b/routers/api/v1/admin/auth_oauth.go
index 73ffb90af3..3d9327fe5c 100644
--- a/routers/api/v1/admin/auth_oauth.go
+++ b/routers/api/v1/admin/auth_oauth.go
@@ -26,6 +26,7 @@ import (
 func CreateOauthAuth(ctx *context.APIContext) {
 	form := web.GetForm(ctx).(*api.CreateAuthOauth2Option)
 
+	// ??? todo: what should I do here?
 	var scopes []string
 	// for _, s := range strings.Split(form.Oauth2Scopes, ",") {
 	// 	s = strings.TrimSpace(s)
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index 06c49a3d6d..984095d070 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -1650,10 +1650,10 @@ func Routes() *web.Router {
 
 		m.Group("/admin", func() {
 			m.Group("/identity-auth", func() {
-				m.Group("oauth", func() {
+				m.Group("/oauth", func() {
 					m.Get("", admin.SearchOauthAuth)
+					m.Put("/new", bind(api.CreateAuthOauth2Option{}), admin.CreateOauthAuth)
 					m.Delete("/{id}", admin.DeleteOauthAuth)
-					m.Post("/new", admin.CreateOauthAuth)
 				})
 			})