diff --git a/connector/saml/saml.go b/connector/saml/saml.go
index 6e984ab611c971a0be433eef1421bba1e41dacde..b18e45c5e35c5539933abc2da1a3218061eb1c9d 100644
--- a/connector/saml/saml.go
+++ b/connector/saml/saml.go
@@ -341,7 +341,7 @@ func (p *provider) HandlePOST(s connector.Scopes, samlResponse string) (ident co
 			if !ok {
 				return ident, fmt.Errorf("no attribute with name %q", p.groupsAttr)
 			}
-			// TOOD(ericchiang): Do we need to further trim whitespace?
+			// TODO(ericchiang): Do we need to further trim whitespace?
 			ident.Groups = strings.Split(groupsStr, p.groupsDelim)
 		} else {
 			groups, ok := attributes.all(p.groupsAttr)
diff --git a/examples/config-dev.yaml b/examples/config-dev.yaml
index 5aec9a141ae76bff4b3482d54320b01f6a8e3675..f2211501d10fae552b50bc7c0a914e5a83a6aa7d 100644
--- a/examples/config-dev.yaml
+++ b/examples/config-dev.yaml
@@ -40,7 +40,7 @@ web:
 
 # Instead of reading from an external storage, use this list of clients.
 #
-# If this option isn't choosen clients may be added through the gRPC API.
+# If this option isn't chosen clients may be added through the gRPC API.
 staticClients:
 - id: example-app
   redirectURIs:
@@ -68,7 +68,7 @@ enablePasswordDB: true
 # A static list of passwords to login the end user. By identifying here, dex
 # won't look in its underlying storage for passwords.
 #
-# If this option isn't choosen users may be added through the gRPC API.
+# If this option isn't chosen users may be added through the gRPC API.
 staticPasswords:
 - email: "admin@example.com"
   # bcrypt hash of the string "password"
diff --git a/glide.yaml b/glide.yaml
index 07337a1dcd9808e98b2068ebbe8b036137cbf238..caa5b044e540e240a80633a60276aef48e15cedb 100644
--- a/glide.yaml
+++ b/glide.yaml
@@ -5,7 +5,7 @@
 # * Use glide and glide-vc.
 # * List transitive dependencies.
 # * Create a separate block for each dependency group.
-# * Keep updates to "vendor/" in a seperate commit from actual changes.
+# * Keep updates to "vendor/" in a separate commit from actual changes.
 
 package: github.com/coreos/dex
 import:
diff --git a/scripts/check-go-version b/scripts/check-go-version
index 6058a53d199969e0ee61d78343053eb39350f822..819923be961183bb91c60120281f3bd88d0631a0 100755
--- a/scripts/check-go-version
+++ b/scripts/check-go-version
@@ -11,7 +11,7 @@ FULL_GOVERSION=$( echo -n "$VERSION" | grep -o 'go1\.[0-9|\.]*' || true )
 # The list of unsupported major go versions.
 UNSUPPORTED=( "go1.0" "go1.1" "go1.2" "go1.3" "go1.4" "go1.5" "go1.6" )
 
-# Minor go verisons which have known security vulnerabilities. Refuse to build with these.
+# Minor go versions which have known security vulnerabilities. Refuse to build with these.
 #
 # There aren't any security issues that impact dex in 1.7 but minor versions should be
 # added here later if they do have issues. 
@@ -26,7 +26,7 @@ done
 
 for V in "${KNOWN_INSECURE[@]}"; do
     if [ "$V" = "$FULL_GOVERSION" ]; then
-        >&2 echo "Go version ${V} has known security vulnerabilities which impact dex. Please update your Go verison."
+        >&2 echo "Go version ${V} has known security vulnerabilities which impact dex. Please update your Go version."
         exit 2
     fi
 done
diff --git a/server/handlers.go b/server/handlers.go
index be1d148699c935bad0200e8697cb9fa5d3d1c283..23c0a5d2db7d4cfdbf1796bd8be2c551646e7f98 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -721,7 +721,7 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
 			offlineSessions.Refresh[tokenRef.ClientID] = &tokenRef
 
 			// Create a new OfflineSession object for the user and add a reference object for
-			// the newly recieved refreshtoken.
+			// the newly received refreshtoken.
 			if err := s.storage.CreateOfflineSessions(offlineSessions); err != nil {
 				s.logger.Errorf("failed to create offline session: %v", err)
 				s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
@@ -962,6 +962,6 @@ func (s *Server) renderError(w http.ResponseWriter, status int, description stri
 
 func (s *Server) tokenErrHelper(w http.ResponseWriter, typ string, description string, statusCode int) {
 	if err := tokenErr(w, typ, description, statusCode); err != nil {
-		s.logger.Errorf("token error repsonse: %v", err)
+		s.logger.Errorf("token error response: %v", err)
 	}
 }
diff --git a/server/rotation_test.go b/server/rotation_test.go
index a792d7b64f5fe29620677bcda0f5239a648753f4..5d6c18b2d563cf8e8ee8e3c458a86d6bdd7839b9 100644
--- a/server/rotation_test.go
+++ b/server/rotation_test.go
@@ -90,7 +90,7 @@ func TestKeyRotater(t *testing.T) {
 		got := verificationKeyIDs(t, r.Storage)
 
 		if !slicesEq(expVerificationKeys, got) {
-			t.Errorf("after %d rotation, expected varification keys %q, got %q", i+1, expVerificationKeys, got)
+			t.Errorf("after %d rotation, expected verification keys %q, got %q", i+1, expVerificationKeys, got)
 		}
 
 		expVerificationKeys = append(expVerificationKeys, signingKeyID(t, r.Storage))
diff --git a/server/server_test.go b/server/server_test.go
index 2fd0229bab6f6fc0f23f2a59e49d413eff0df630..e326e93c0f8e1c2fcf6d317d578a04687a4c6443 100644
--- a/server/server_test.go
+++ b/server/server_test.go
@@ -1070,7 +1070,7 @@ func TestRefreshTokenFlow(t *testing.T) {
 		Expiry:       time.Now().Add(-time.Hour),
 	}
 
-	// Login in again to recieve a new token.
+	// Login in again to receive a new token.
 	if _, err = http.Get(oauth2Client.server.URL + "/login"); err != nil {
 		t.Fatalf("get failed: %v", err)
 	}