diff --git a/db/knex_migrations/2025-06-24-0000-add-audience-to-oauth.js b/db/knex_migrations/2025-06-24-0000-add-audience-to-oauth.js
new file mode 100644
index 000000000..6666ed9c8
--- /dev/null
+++ b/db/knex_migrations/2025-06-24-0000-add-audience-to-oauth.js
@@ -0,0 +1,12 @@
+exports.up = function (knex) {
+ return knex.schema
+ .alterTable("monitor", function (table) {
+ table.string("oauth_audience").nullable().defaultTo(null);
+ });
+};
+
+exports.down = function (knex) {
+ return knex.schema.alterTable("monitor", function (table) {
+ table.string("oauth_audience").alter();
+ });
+};
diff --git a/db/old_migrations/patch-monitor-oauth-cc.sql b/db/old_migrations/patch-monitor-oauth-cc.sql
index 54a26c493..f33e95298 100644
--- a/db/old_migrations/patch-monitor-oauth-cc.sql
+++ b/db/old_migrations/patch-monitor-oauth-cc.sql
@@ -13,9 +13,6 @@ ALTER TABLE monitor
 ALTER TABLE monitor
 ADD oauth_scopes TEXT default null;
-ALTER TABLE monitor
- ADD oauth_audience TEXT default null;
-
 ALTER TABLE monitor
 ADD oauth_auth_method TEXT default null;
diff --git a/server/util-server.js b/server/util-server.js
index 9eec5148a..a2d2a1f50 100644
--- a/server/util-server.js
+++ b/server/util-server.js
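Review bot: `exports.down` in the new migration does not undo `exports.up`: `table.string("oauth_audience").alter()` redefines the column instead of removing it, so a rollback leaves `oauth_audience` on `monitor`. The rollback body should be `table.dropColumn("oauth_audience");`. Separately, this commit also removes `ADD oauth_audience` from `patch-monitor-oauth-cc.sql`; if any database was initialised while that statement was still in the old patch, `up` would presumably fail on a duplicate column, so guarding the add with a `knex.schema.hasColumn("monitor", "oauth_audience")` check is worth considering.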
@@ -71,13 +71,13 @@ exports.decodeJwt = (jwt) => {
 * @param {string} clientId The oidc/oauth application client id
 * @param {string} clientSecret The oidc/oauth application client secret
 * @param {string} scope The scope(s) for which the token should be issued for
+ * @param {string} audience The audience for which the token should be issued for
 * @param {string} authMethod The method used to send the credentials. Default client_secret_basic
 * @returns {Promise} TokenSet promise if the token request was successful
 */
 exports.getOidcTokenClientCredentials = async (tokenEndpoint, clientId, clientSecret, scope, audience, authMethod = "client_secret_basic") => {
 const oauthProvider = new oidc.Issuer({ token_endpoint: tokenEndpoint });
 let client = new oauthProvider.Client({
- issuer: audience,
 client_id: clientId,
 client_secret: clientSecret,
 token_endpoint_auth_method: authMethod
diff --git a/src/lang/en.json b/src/lang/en.json
index a979edcc2..9c8f2ea9a 100644
--- a/src/lang/en.json
+++ b/src/lang/en.json
@@ -1022,6 +1022,7 @@
 "Client ID": "Client ID",
 "Client Secret": "Client Secret",
 "OAuth Scope": "OAuth Scope",
+ "OAuth Audience": "OAuth Audience",
 "Optional: Space separated list of scopes": "Optional: Space separated list of scopes",
 "Go back to home page.": "Go back to home page.",
 "No tags found.": "No tags found.",
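Review bot: Once `issuer: audience,` is removed, no visible line of `getOidcTokenClientCredentials` uses the `audience` parameter, although the added JSDoc line documents it as the audience the token is issued for. The function body continues past the end of the hunk, so confirm that the token request there forwards it (for example as an `audience` field of the grant parameters) and omits it when the value is empty; otherwise the monitor's configured audience is silently ignored and the issued token is not restricted to the intended resource. The new JSDoc line also repeats "for"; `@param {string} audience Optional audience the token is requested for` reads better and records that the value may be absent, which matches the nullable column added by the migration.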