diff --git a/backend/app/api/auth.py b/backend/app/api/auth.py
index 0e0414f..43d9fce 100644
--- a/backend/app/api/auth.py
+++ b/backend/app/api/auth.py
@@ -92,7 +92,7 @@ async def pocketid_callback(code: str, db: AsyncSession = Depends(get_db)):
 
     async with httpx.AsyncClient() as client:
         resp = await client.post(
-            f"{issuer}/token",
+            f"{issuer}/api/oidc/token",
             data={"grant_type": "authorization_code", "code": code,
                   "redirect_uri": f"{settings.base_url}/api/auth/pocketid/callback",
                   "client_id": client_id, "client_secret": client_secret},
@@ -101,7 +101,7 @@ async def pocketid_callback(code: str, db: AsyncSession = Depends(get_db)):
             raise HTTPException(status_code=400, detail="Token exchange failed")
         tokens = resp.json()
         userinfo_resp = await client.get(
-            f"{issuer}/userinfo",
+            f"{issuer}/api/oidc/userinfo",
             headers={"Authorization": f"Bearer {tokens['access_token']}"},
         )
         userinfo = userinfo_resp.json()