diff --git a/demo/src/main/kotlin/Server.kt b/demo/src/main/kotlin/Server.kt
index 9df20e2d..99338ae5 100644
--- a/demo/src/main/kotlin/Server.kt
+++ b/demo/src/main/kotlin/Server.kt
@@ -230,7 +230,7 @@ object Server : ServerPathGroup(ServerPath.root) {
 
     val multiplex = path("multiplex").websocket(MultiplexWebSocketHandler(cache))
 
-    val meta = path("meta").metaEndpoints<Unit>()
+    val meta = path("meta").metaEndpoints()
 
     val weirdAuth = path("weird-auth").get.typed(
         summary = "Get weird auth",
diff --git a/server-core/src/main/kotlin/com/lightningkite/lightningserver/auth/subject/AuthEndpointsForSubject.kt b/server-core/src/main/kotlin/com/lightningkite/lightningserver/auth/subject/AuthEndpointsForSubject.kt
index 2373ae51..adbb8e2a 100644
--- a/server-core/src/main/kotlin/com/lightningkite/lightningserver/auth/subject/AuthEndpointsForSubject.kt
+++ b/server-core/src/main/kotlin/com/lightningkite/lightningserver/auth/subject/AuthEndpointsForSubject.kt
@@ -229,6 +229,7 @@ class AuthEndpointsForSubject<SUBJECT : HasId<ID>, ID : Comparable<ID>>(
         errorCases = listOf(),
         implementation = { futureSessionToken: String ->
             val future = FutureSession.fromToken(futureSessionToken)
+            if(future.oauthClient != null) throw ForbiddenException("Please use the token endpoint for OAuth instead, so we can check your secret.")
             val (s, secret) = newSessionPrivate(
                 label = future.label,
                 subjectId = future.subjectId,
diff --git a/server-core/src/test/kotlin/com/lightningkite/lightningserver/auth/proof/EmailProofEndpointsTest.kt b/server-core/src/test/kotlin/com/lightningkite/lightningserver/auth/proof/EmailProofEndpointsTest.kt
new file mode 100644
index 00000000..f98277c2
--- /dev/null
+++ b/server-core/src/test/kotlin/com/lightningkite/lightningserver/auth/proof/EmailProofEndpointsTest.kt
@@ -0,0 +1,31 @@
+package com.lightningkite.lightningserver.auth.proof
+
+import com.lightningkite.lightningserver.TestSettings
+import com.lightningkite.lightningserver.email.Email
+import com.lightningkite.lightningserver.email.EmailLabeledValue
+import com.lightningkite.lightningserver.email.TestEmailClient
+import com.lightningkite.lightningserver.serialization.Serialization
+import io.ktor.http.*
+import kotlinx.coroutines.runBlocking
+import kotlinx.serialization.encodeToString
+import org.junit.Assert.*
+import org.junit.Test
+import java.util.Base64
+
+class EmailProofEndpointsTest {
+    @Test fun test(): Unit = runBlocking {
+        TestSettings.proofEmail.send("test@test.com") { proof ->
+            Email(
+                to = listOf(EmailLabeledValue("test@test.com")),
+                subject = "Login",
+                plainText = """
+                    |Test got proof 
+                    |${Serialization.json.encodeToString(proof).encodeURLQueryComponent()}
+                    |${Serialization.json.encodeToString(proof).let{ Base64.getEncoder().encodeToString(it.toByteArray()) }}
+                    |""".trimMargin()
+            )
+        }
+        assertNotNull(TestEmailClient.lastEmailSent)
+        TestEmailClient.lastEmailSent?.plainText?.let { println(it) }
+    }
+}
\ No newline at end of file