diff --git a/app/services/oauth2.js b/app/services/oauth2.js
index 2837612..c3f9ead 100644
--- a/app/services/oauth2.js
+++ b/app/services/oauth2.js
@@ -168,7 +168,7 @@ class OAuth2Service extends SiteService {
     try {
       const ac = await OAuth2AuthorizationCode.findOne({ code });
       this.log.debug('process OAuth2 exchange', { client, code, redirectUri });
-      if (client._id !== ac.clientId) {
+      if (!client._id.equals(ac.clientId)) {
         this.log.alert('OAuth2 client ID mismatch', { provided: client.id, onfile: ac.clientId });
         return done(null, false);
       }