diff --git a/r2/r2/controllers/oauth2.py b/r2/r2/controllers/oauth2.py
index a957a6099..e23569106 100644
--- a/r2/r2/controllers/oauth2.py
+++ b/r2/r2/controllers/oauth2.py
@@ -186,7 +186,7 @@ class OAuth2AccessController(MinimalController):
         if not c.errors:
             auth_token = OAuth2AuthorizationCode.use_token(code, c.oauth2_client._id, redirect_uri)
             if auth_token:
-                access_token = OAuth2AccessToken._new(auth_token.user_id, auth_token.scope)
+                access_token = OAuth2AccessToken._new(auth_token.client_id, auth_token.user_id, auth_token.scope)
                 resp["access_token"] = access_token._id
                 resp["token_type"] = access_token.token_type
                 resp["expires_in"] = access_token._ttl
diff --git a/r2/r2/models/token.py b/r2/r2/models/token.py
index 33baf2823..fb1a3a653 100644
--- a/r2/r2/models/token.py
+++ b/r2/r2/models/token.py
@@ -276,9 +276,10 @@ class OAuth2AccessToken(Token):
     _connection_pool = "main"
 
     @classmethod
-    def _new(cls, user_id, scope_list):
+    def _new(cls, client_id, user_id, scope_list):
         scope = ','.join(scope_list)
         return super(OAuth2AccessToken, cls)._new(
+                     client_id=client_id,
                      user_id=user_id,
                      scope=scope)