diff --git a/de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java b/de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
index a163862..9917a41 100644
--- a/de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
+++ b/de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
@@ -78,7 +78,7 @@ public class Application {
 		new Forward(INDEX).bindPath(ROOT).on(server);
 		new WellKnownController().bindPath(WELL_KNOWN, "/realms/oidc" + WELL_KNOWN).on(server);
 		new UserController(mailConfig, sessionService, userService, staticPages).bindPath(API_USER).on(server);
-		var tokenControllerConfig = new TokenController.Configuration( 10);
+		var tokenControllerConfig = new TokenController.Configuration(10);
 		new TokenController(authService, clientService, keyManager, userService, tokenControllerConfig).bindPath(API_TOKEN).on(server);
 		new ClientController(authService, clientService, sessionService, userService).bindPath(API_CLIENT).on(server);
 		new KeyStoreController(keyStore).bindPath(JWKS).on(server);
diff --git a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java
index f9da058..46d0c32 100644
--- a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java
+++ b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java
@@ -115,7 +115,7 @@ public class TokenController extends PathHandler {
 		var user = optUser.get();
 
 		var    accessToken = users.accessToken(user);
-		var issuer = "https://"+hostname(ex);
+		var    issuer	   = hostname(ex);
 		String jwToken	   = createJWT(client, user, accessToken, issuer);
 		ex.getResponseHeaders().add("Cache-Control", "no-store");
 		JSONObject response = new JSONObject();
@@ -173,8 +173,8 @@ public class TokenController extends PathHandler {
 		JwtClaims claims   = new JwtClaims();
 
 		// required claims:
-		claims.setIssuer(issuer);  // who creates the token and signs it
-		claims.setSubject(user.uuid());	  // the subject/principal is whom the token is about
+		claims.setIssuer(issuer);	 // who creates the token and signs it
+		claims.setSubject(user.uuid());	 // the subject/principal is whom the token is about
 		claims.setAudience(client.id());
 		claims.setExpirationTimeMinutesInTheFuture(config.tokenExpirationMinutes);  // time when the token will expire (10 minutes from now)
 		claims.setIssuedAtToNow();