diff --git a/src/api/client/oidc.rs b/src/api/client/oidc.rs
index 73eaac2a..b79e53fc 100644
--- a/src/api/client/oidc.rs
+++ b/src/api/client/oidc.rs
@@ -76,8 +76,6 @@ pub(crate) async fn authorize_route(State(services): State<crate::State>, reques
 
 	oidc.validate_redirect_uri(&params.client_id, &params.redirect_uri).await?;
 
-	if !scope_contains_token(&params.scope, "openid") { return Err!(Request(InvalidParam("openid scope is required"))); }
-
 	let req_id = utils::random_string(OIDC_REQ_ID_LENGTH);
 	let now = SystemTime::now();
 
@@ -148,7 +146,9 @@ async fn token_authorization_code(services: &tuwunel_service::Services, body: &T
 	let refresh_token = generate_refresh_token();
 
 	let device_id: Option<OwnedDeviceId> = extract_device_id(&session.scope).map(OwnedDeviceId::from);
-	let device_id = services.users.create_device(user_id, device_id.as_deref(), (Some(&access_token), expires_in), Some(&refresh_token), Some("OIDC Client"), None).await?;
+	let client_name = oidc.get_client(client_id).await.ok().and_then(|c| c.client_name);
+	let device_display_name = client_name.as_deref().unwrap_or("OIDC Client");
+	let device_id = services.users.create_device(user_id, device_id.as_deref(), (Some(&access_token), expires_in), Some(&refresh_token), Some(device_display_name), None).await?;
 
 	info!("{user_id} logged in via OIDC (device {device_id})");