diff --git a/server/oauth2.go b/server/oauth2.go
index b5d992ca8d175d927c1a3f2eb3494dfd32f9fe2d..8c9494f5149ed462d4d77d2d5ef8e925502d1182 100644
--- a/server/oauth2.go
+++ b/server/oauth2.go
@@ -187,7 +187,7 @@ func signPayload(key *jose.JSONWebKey, alg jose.SignatureAlgorithm, payload []by
 	return signature.CompactSerialize()
 }
 
-// The hash algorithm for the at_hash is detemrined by the signing
+// The hash algorithm for the at_hash is determined by the signing
 // algorithm used for the id_token. From the spec:
 //
 //    ...the hash algorithm used is the hash algorithm used in the alg Header