diff --git a/src/Factory/Api/Mastodon/Error.php b/src/Factory/Api/Mastodon/Error.php
index 3870770323..32ca03a62a 100644
--- a/src/Factory/Api/Mastodon/Error.php
+++ b/src/Factory/Api/Mastodon/Error.php
@@ -70,10 +70,9 @@ class Error extends BaseFactory
 System::jsonError(422, $errorObj->toArray());
 }
- public function Unauthorized(string $error = '')
+ public function Unauthorized(string $error = '', string $error_description = '')
 {
 $error = $error ?: $this->l10n->t('Unauthorized');
- $error_description = '';
 $errorObj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
 $this->logError(401, $error);
diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php
index f78cb07098..8071c7568f 100644
--- a/src/Module/Api/Mastodon/Apps.php
+++ b/src/Module/Api/Mastodon/Apps.php
@@ -44,6 +44,10 @@ class Apps extends BaseApi
 */
 protected function post(array $request = [])
 {
+ if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
+ $request['redirect_uris'] = $request['redirect_uris'][0];
+ }
+
 $request = $this->getRequest([
 'client_name' => '',
 'redirect_uris' => '',
@@ -58,6 +62,10 @@ class Apps extends BaseApi
 if (!empty($postrequest) && is_array($postrequest)) {
 $request = array_merge($request, $postrequest);
 }
+
+ if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
+ $request['redirect_uris'] = $request['redirect_uris'][0];
+ }
 }
 if (empty($request['client_name']) || empty($request['redirect_uris'])) {
diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php
index 1fdb57aba9..7481bf75f5 100644
--- a/src/Module/OAuth/Token.php
+++ b/src/Module/OAuth/Token.php
@@ -32,7 +32,7 @@ use Friendica\Util\DateTimeFormat;
 use Psr\Http\Message\ResponseInterface;
 /**
- * @see https://docs.joinmastodon.org/spec/oauth/
+ * @see https://docs.joinmastodon.org/methods/oauth/#token
 * @see https://aaronparecki.com/oauth-2-simplified/
 */
 class Token extends BaseApi
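Review bot: The new `$error_description` argument of `Unauthorized()` reaches the response object but not the log, because `$this->logError(401, $error);` still records only `$error`. The callers changed in Token.php now pass the fixed code `invalid_client` as `$error`, so the log entry presumably no longer tells an incomplete request apart from an unknown client, which is the detail an operator wants when reviewing failed client authentication. Consider `$this->logError(401, $error . ($error_description !== '' ? ': ' . $error_description : ''));`, and a docblock stating that `$error` is the machine-readable error code and `$error_description` the human-readable text. The method body continues outside the hunk.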
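Review bot: `$request['redirect_uris'][0]` in the first Apps.php hunk assumes a list of strings, but the value is caller-supplied request data: a non-empty array with no key `0` raises an undefined-index warning and yields null, and a nested array is passed on as an array. Take the first element defensively and keep only strings, e.g. `$first = reset($request['redirect_uris']);` followed by `$request['redirect_uris'] = is_string($first) ? $first : '';`, so the existing `empty($request['redirect_uris'])` check rejects malformed input. Every URI after the first is also dropped silently, so a client registering several redirect URIs will presumably be refused later when it uses another one; a comment saying that only the first URI is registered would make that explicit. The same block is repeated in the second hunk of this file, after the `array_merge`, so the normalisation is better placed in one private helper. The body of `post()` continues outside the hunk.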
@@ -69,13 +69,13 @@ class Token extends BaseApi
 }
 if (empty($request['client_id']) || empty($request['client_secret'])) {
- Logger::warning('Incomplete request data', ['request' => $_REQUEST]);
- DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Incomplete request data'));
+ Logger::warning('Incomplete request data', ['request' => $request]);
+ DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Incomplete request data'));
 }
 $application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
 if (empty($application)) {
- DI::mstdnError()->UnprocessableEntity();
+ DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Invalid data or unknown client'));
 }
 if ($request['grant_type'] == 'client_credentials') {
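Review bot: `Logger::warning('Incomplete request data', ['request' => $request]);` still writes the whole token request to the log, and this branch is taken when only one of `client_id` and `client_secret` is missing, so a submitted `client_secret` (and presumably an authorization code, if the request carries one) ends up in the log file. Log only non-secret fields instead, for example `Logger::warning('Incomplete request data', ['client_id' => $request['client_id'] ?? '', 'grant_type' => $request['grant_type'] ?? '']);`. A short comment above the call stating that token-endpoint parameters must not be logged verbatim would keep later edits from reintroducing it. The enclosing method starts and ends outside the hunk.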