diff --git a/src/core/oauth2-authorize.js b/src/core/oauth2-authorize.js index 790fa2ef..d8babd95 100644 --- a/src/core/oauth2-authorize.js +++ b/src/core/oauth2-authorize.js @@ -1,7 +1,7 @@ import win from "core/window" export default function authorize ( auth, authActions, errActions, configs ) { - let { schema, scopes, name, clientId, clientSecret } = auth + let { schema, scopes, name, clientId } = auth let redirectUrl = configs.oauth2RedirectUrl let scopeSeparator = " " @@ -14,6 +14,11 @@ export default function authorize ( auth, authActions, errActions, configs ) { return } + if (flow === "application") { + authActions.authorizeOauth2Application(auth) + return + } + // todo move to parser if ( !redirectUrl ) { errActions.newAuthErr( { 
@@ -34,44 +39,14 @@ export default function authorize ( auth, authActions, errActions, configs ) {
 + "&state=" + encodeURIComponent(state)
 + "&client_id=" + encodeURIComponent(clientId)
- if (flow === "application") {
- fetch(schema.get("tokenUrl"), {
- method: "post", headers: {
- "Accept":"application/json, text/plain, */*",
- "Content-Type": "application/x-www-form-urlencoded"
- },
- body: "grant_type=client_credentials" +
- "&client_id=" + encodeURIComponent(clientId) +
- "&client_secret=" + encodeURIComponent(clientSecret) +
- "&scope=" + encodeURIComponent(scopes.join(scopeSeparator))
- })
- .then(function (response) {
- if ( !response.ok ) {
- errActions.newAuthErr( {
- authId: name,
- level: "error",
- source: "auth",
- message: response.statusText
- } )
- return
- } else {
- response.json()
- .then(function (json){
- authActions.authorizeOauth2({ auth, token: json})
- })
- }
- })
- .catch(err => { errActions.newAuthErr( err ) })
- } else {
- // pass action authorizeOauth2 and authentication data through window
- // to authorize with oauth2
- win.swaggerUIRedirectOauth2 = {
- auth: auth,
- state: state,
- callback: authActions.preAuthorizeOauth2,
- errCb: errActions.newAuthErr
- }
-
- win.open(url)
+ // pass action authorizeOauth2 and authentication data through window
+ // to authorize with oauth2
+ win.swaggerUIRedirectOauth2 = {
+ auth: auth,
+ state: state,
+ callback: authActions.preAuthorizeOauth2,
+ errCb: errActions.newAuthErr
 }
+
+ win.open(url)
 }
diff --git a/src/core/plugins/auth/actions.js b/src/core/plugins/auth/actions.js
index 79cd2a40..57d84550 100644
--- a/src/core/plugins/auth/actions.js
+++ b/src/core/plugins/auth/actions.js
@@ -119,3 +119,35 @@ export const authorizePassword = ( auth ) => ( { fn, authActions, errActions } )
 })
 .catch(err => { errActions.newAuthErr( err ) })
 }
+
+export const authorizeOauth2Application = ( auth ) => ( { authActions, errActions } ) => {
+ let { schema, scopes, name, clientId, clientSecret } = auth
+
+ fetch(schema.get("tokenUrl"), {
+ method: "post", headers: {
+ "Accept":"application/json, text/plain, */*",
+ "Content-Type": "application/x-www-form-urlencoded"
+ },
+ body: "grant_type=client_credentials" +
+ "&client_id=" + encodeURIComponent(clientId) +
+ "&client_secret=" + encodeURIComponent(clientSecret) +
+ "&scope=" + encodeURIComponent(scopes.join(scopeSeparator))
+ })
+ .then(function (response) {
+ if ( !response.ok ) {
+ errActions.newAuthErr( {
+ authId: name,
+ level: "error",
+ source: "auth",
+ message: response.statusText
+ } )
+ return
+ } else {
+ response.json()
+ .then(function (json){
+ authActions.authorizeOauth2({ auth, token: json})
+ })
+ }
+ })
+ .catch(err => { errActions.newAuthErr( err ) })
+}
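Review bot: `response.json()` in the `else` branch is not returned from the `.then(function (response) {...})` handler, so a token response whose body is not valid JSON rejects outside the chain and never reaches the trailing `.catch`, leaving the user with no auth error. Returning it is enough: `return response.json().then(function (json) { authActions.authorizeOauth2({ auth, token: json }) })`. `scopes.join(scopeSeparator)` also depends on a `scopeSeparator` binding this hunk does not declare (in oauth2-authorize.js it was a local of `authorize`), so unless actions.js already defines it at module level outside the hunk, the action throws a ReferenceError while building the request body. Because that body sends `client_secret` to whatever `schema.get("tokenUrl")` returns, and that value presumably comes from the loaded API definition, a check that refuses or warns on a non-`https:` token URL before the `fetch` would be worth adding.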