diff --git a/internal/integration/integration.go b/internal/integration/integration.go
index 18836be8fc..20af65993b 100644
--- a/internal/integration/integration.go
+++ b/internal/integration/integration.go
@@ -431,3 +431,19 @@ func (s *Tester) updateInstanceAndOrg(ctx context.Context, domain string) contex
 	logging.OnError(err).Fatal("query organisation")
 	return ctx
 }
+
+func await(af func() error) error {
+	maxTimer := time.NewTimer(15 * time.Minute)
+	for {
+		err := af()
+		if err == nil {
+			return nil
+		}
+		select {
+		case <-maxTimer.C:
+			return err
+		case <-time.After(time.Second / 10):
+			continue
+		}
+	}
+}
diff --git a/internal/integration/oidc.go b/internal/integration/oidc.go
index 3e90cb6856..1d15d25f29 100644
--- a/internal/integration/oidc.go
+++ b/internal/integration/oidc.go
@@ -3,6 +3,7 @@ package integration
 import (
 	"context"
 	"fmt"
+	"io"
 	"net/http"
 	"net/url"
 	"strings"
@@ -27,7 +28,7 @@ func (s *Tester) CreateOIDCClient(ctx context.Context, redirectURI, logoutRedire
 	if len(grantTypes) == 0 {
 		grantTypes = []app.OIDCGrantType{app.OIDCGrantType_OIDC_GRANT_TYPE_AUTHORIZATION_CODE, app.OIDCGrantType_OIDC_GRANT_TYPE_REFRESH_TOKEN}
 	}
-	return s.Client.Mgmt.AddOIDCApp(ctx, &management.AddOIDCAppRequest{
+	resp, err := s.Client.Mgmt.AddOIDCApp(ctx, &management.AddOIDCAppRequest{
 		ProjectId:                projectID,
 		Name:                     fmt.Sprintf("app-%d", time.Now().UnixNano()),
 		RedirectUris:             []string{redirectURI},
@@ -46,6 +47,16 @@ func (s *Tester) CreateOIDCClient(ctx context.Context, redirectURI, logoutRedire
 		AdditionalOrigins:        nil,
 		SkipNativeAppSuccessPage: false,
 	})
+	if err != nil {
+		return nil, err
+	}
+	return resp, await(func() error {
+		_, err := s.Client.Mgmt.GetAppByID(ctx, &management.GetAppByIDRequest{
+			ProjectId: projectID,
+			AppId:     resp.GetAppId(),
+		})
+		return err
+	})
 }
 
 func (s *Tester) CreateOIDCNativeClient(ctx context.Context, redirectURI, logoutRedirectURI, projectID string, devMode bool) (*management.AddOIDCAppResponse, error) {
@@ -95,7 +106,7 @@ func (s *Tester) CreateOIDCImplicitFlowClient(ctx context.Context, redirectURI s
 	if err != nil {
 		return nil, err
 	}
-	return s.Client.Mgmt.AddOIDCApp(ctx, &management.AddOIDCAppRequest{
+	resp, err := s.Client.Mgmt.AddOIDCApp(ctx, &management.AddOIDCAppRequest{
 		ProjectId:                project.GetId(),
 		Name:                     fmt.Sprintf("app-%d", time.Now().UnixNano()),
 		RedirectUris:             []string{redirectURI},
@@ -114,6 +125,16 @@ func (s *Tester) CreateOIDCImplicitFlowClient(ctx context.Context, redirectURI s
 		AdditionalOrigins:        nil,
 		SkipNativeAppSuccessPage: false,
 	})
+	if err != nil {
+		return nil, err
+	}
+	return resp, await(func() error {
+		_, err := s.Client.Mgmt.GetAppByID(ctx, &management.GetAppByIDRequest{
+			ProjectId: project.GetId(),
+			AppId:     resp.GetAppId(),
+		})
+		return err
+	})
 }
 
 func (s *Tester) CreateOIDCTokenExchangeClient(ctx context.Context) (client *management.AddOIDCAppResponse, keyData []byte, err error) {
@@ -284,6 +305,10 @@ func CheckRedirect(req *http.Request) (*url.URL, error) {
 		return nil, err
 	}
 	defer resp.Body.Close()
+	if resp.StatusCode < 300 || resp.StatusCode >= 400 {
+		body, _ := io.ReadAll(resp.Body)
+		return nil, fmt.Errorf("check redirect unexpected status: %q; body: %q", resp.Status, body)
+	}
 
 	return resp.Location()
 }