diff --git a/de.srsoftware.oidc.web/src/main/resources/en/scripts/authorization.js b/de.srsoftware.oidc.web/src/main/resources/en/scripts/authorization.js
index 6921d9a..918de18 100644
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/authorization.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/authorization.js
@@ -2,16 +2,6 @@ var params = new URLSearchParams(window.location.search)
 var json = paramsToObject(params);
 var scopes = {};
 
-// Replacement for Object.toEntries(…)
-function paramsToObject(entries) {
-  const result = {};
-  for(var key of entries) { // each 'entry' is a [key, value] tupple
-    result[key[0]] = key[1];
-  }
-  return result;
-}
-
-
 function showConfirmationDialog(name){
     get('name').innerHTML = name;
     show('content');
diff --git a/de.srsoftware.oidc.web/src/main/resources/en/scripts/clients.js b/de.srsoftware.oidc.web/src/main/resources/en/scripts/clients.js
index a416903..c84699e 100644
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/clients.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/clients.js
@@ -2,25 +2,26 @@ function edit(clientId){
     redirect("edit_client.html?id="+clientId);
 }
 
-async function handleClients(response){
+function handleClients(response){
     if (response.status == UNAUTHORIZED) {
         redirect('login.html?return_to='+encodeURI(window.location.href))
         return;
     }
-    var clients = await response.json();
-    var bottom = document.getElementById('bottom');
-    for (let id in clients){
-        var row = document.createElement("tr");
-        var client = clients[id];
-        row.innerHTML = `<td>${client.name}</td>
-        <td>${id}</td>
-        <td>${client.redirect_uris.join("<br/>")}</td>
-        <td>
-            <button type="button" onclick="edit('${id}')">Edit</button>
-            <button class="danger" onclick="remove('${id}')" type="button">Remove</button>
-        </td>`;
-        bottom.parentNode.insertBefore(row,bottom);
-    }
+    var clients = response.json().then(clients => {
+        var bottom = document.getElementById('bottom');
+        for (let id in clients){
+            var row = document.createElement("tr");
+            var client = clients[id];
+            row.innerHTML = `<td>${client.name}</td>
+            <td>${id}</td>
+            <td>${client.redirect_uris.join("<br/>")}</td>
+            <td>
+                <button type="button" onclick="edit('${id}')">Edit</button>
+                <button class="danger" onclick="remove('${id}')" type="button">Remove</button>
+            </td>`;
+            bottom.parentNode.insertBefore(row,bottom);
+        }
+    });
 }
 
 function handleRemove(response){
@@ -32,11 +33,10 @@ function remove(clientId){
     if (confirm(message.replace("{}",clientId))) {
         fetch(client_controller+"/delete",{
             method: 'DELETE',
-            body : JSON.stringify({ client_id : clientId })
+            body : JSON.stringify({ client_id : clientId }),
+            credentials:'include'
         }).then(handleRemove);
     }
 }
 
-
-
-fetch(client_controller+"/list",{method:'POST'}).then(handleClients);
\ No newline at end of file
+fetch(client_controller+"/list",{method:'POST',credentials:'include'}).then(handleClients);
\ No newline at end of file
diff --git a/de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js b/de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js
index 389d54a..86c2c38 100644
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js
@@ -41,6 +41,15 @@ function login(){
     redirect('login.html?return_to='+encodeURIComponent(window.location.href));
 }
 
+// Replacement for Object.toEntries(…)
+function paramsToObject(entries) {
+  const result = {};
+  for(var key of entries) { // each 'entry' is a [key, value] tupple
+    result[key[0]] = key[1];
+  }
+  return result;
+}
+
 function redirect(page){
     window.location.href = page;
 }
diff --git a/de.srsoftware.oidc.web/src/main/resources/en/scripts/edit_client.js b/de.srsoftware.oidc.web/src/main/resources/en/scripts/edit_client.js
index 3e55089..4cdeee2 100644
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/edit_client.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/edit_client.js
@@ -2,17 +2,18 @@ var params = new URLSearchParams(window.location.search);
 var id = params.get('id');
 
 
-async function handleLoadResponse(response){
+function handleLoadResponse(response){
     if (response.ok){
-        var json = await response.json();
-        get('client-id').value = json.client_id;
-        get('client-name').value = json.name;
-        get('client-secret').value = json.secret;
-        get('redirect-urls').value = json.redirect_uris.join("\n");
+        response.json().then(json => {
+            get('client-id').value = json.client_id;
+            get('client-name').value = json.name;
+            get('client-secret').value = json.secret;
+            get('redirect-urls').value = json.redirect_uris.join("\n");
+        });
     }
 }
 
-async function handleUpdateResponse(response){
+function handleUpdateResponse(response){
     if (response.ok) {
         enable('button');
         setText('button','saved.');
@@ -38,7 +39,8 @@ function updateClient(){
         headers : {
            'Content-Type': 'application/json'
         },
-        body : JSON.stringify(data)
+        body : JSON.stringify(data),
+        credentials:'include'
     }).then(handleUpdateResponse);
     setTimeout(resetButton,4000);
 }
@@ -48,5 +50,6 @@ fetch(api+'/client',
         method: 'POST',
         body: JSON.stringify({
             client_id : id
-        })
-    }).then(handleLoadResponse);
\ No newline at end of file
+        }),
+        credentials:'include'
+    }).then(handleLoadResponse);
diff --git a/de.srsoftware.oidc.web/src/main/resources/en/scripts/new_client.js b/de.srsoftware.oidc.web/src/main/resources/en/scripts/new_client.js
index 76b397d..625e8e8 100644
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/new_client.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/new_client.js
@@ -11,7 +11,8 @@ function addClient(){
         headers : {
            'Content-Type': 'application/json'
         },
-        body : JSON.stringify(newData)
+        body : JSON.stringify(newData),
+        credentials:'include'
     }).then(handleClientdResponse);
 
     setText('button','sent…');
diff --git a/de.srsoftware.oidc.web/src/main/resources/en/scripts/user.js b/de.srsoftware.oidc.web/src/main/resources/en/scripts/user.js
index ed17e58..2da145b 100644
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/user.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/user.js
@@ -19,6 +19,7 @@ function handleNavigation(response){
             var nav = document.getElementsByTagName('nav')[0];
             nav.innerHTML = content;
             var links = nav.getElementsByTagName('a');
+
             for (var index = links.length; index > 0; index--){
                 var link = links[index-1];
                 var clazz = link.hasAttribute('class') ? link.getAttribute("class") : null;
@@ -28,7 +29,9 @@ function handleNavigation(response){
     }
 }
 
-fetch(user_controller+"/",{
-    method:'POST',
-    credentials:'include'
-}).then(handleUser);
+document.addEventListener("DOMContentLoaded", function(event) { // wait until page loaded
+    fetch(user_controller+"/",{
+        method:'POST',
+        credentials:'include'
+    }).then(handleUser);
+});