diff --git a/api/modules/oauth/controllers/ClientsController.php b/api/modules/oauth/controllers/ClientsController.php
index 3e7960a..485c1c5 100644
--- a/api/modules/oauth/controllers/ClientsController.php
+++ b/api/modules/oauth/controllers/ClientsController.php
@@ -136,7 +136,8 @@ class ClientsController extends Controller {
 throw new NotFoundHttpException();
 }
- $clients = $account->oauthClients;
+ /** @var OauthClient[] $clients */
+ $clients = $account->getOauthClients()->orderBy(['created_at' => SORT_ASC])->all();
 $result = array_map(function(OauthClient $client) {
 return $this->formatClient($client);
 }, $clients);
@@ -152,13 +153,13 @@ class ClientsController extends Controller {
 'name' => $client->name,
 'websiteUrl' => $client->website_url,
 'createdAt' => $client->created_at,
- 'countUsers' => (int)$client->getSessions()->count(),
 ];
 switch ($client->type) {
 case OauthClient::TYPE_APPLICATION:
 $result['description'] = $client->description;
 $result['redirectUri'] = $client->redirect_uri;
+ $result['countUsers'] = (int)$client->getSessions()->count();
 break;
 case OauthClient::TYPE_MINECRAFT_SERVER:
 $result['minecraftServerIp'] = $client->minecraft_server_ip;
diff --git a/common/rbac/rules/OauthClientOwner.php b/common/rbac/rules/OauthClientOwner.php
index e303743..b03636a 100644
--- a/common/rbac/rules/OauthClientOwner.php
+++ b/common/rbac/rules/OauthClientOwner.php
@@ -38,7 +38,7 @@ class OauthClientOwner extends Rule {
 /** @var OauthClient|null $client */
 $client = OauthClient::findOne($clientId);
 if ($client === null) {
- return false;
+ return true;
 }
 $identity = Yii::$app->user->findIdentityByAccessToken($accessToken);
diff --git a/tests/codeception/common/unit/rbac/rules/OauthClientOwnerTest.php b/tests/codeception/common/unit/rbac/rules/OauthClientOwnerTest.php
index 1919377..643ab79 100644
--- a/tests/codeception/common/unit/rbac/rules/OauthClientOwnerTest.php
+++ b/tests/codeception/common/unit/rbac/rules/OauthClientOwnerTest.php
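Review bot: In common/rbac/rules/OauthClientOwner.php the `$client === null` branch now returns `true` before `findIdentityByAccessToken($accessToken)` is reached, so for an unknown `clientId` the rule grants without looking at the token at all. That makes the authorization rule fail open: every action guarded by it has to re-load the client and reject a miss itself, and none of that code is visible in this diff. If the aim is to let the controller answer 404 rather than 403, I would resolve the identity first and deny when there is none, and only then allow the missing-client case, or keep `return false` and map not-found in the controller. At minimum the branch needs a comment, e.g. `// client not found: allow so the action can answer 404; the action must never act on $clientId without loading it`. The changed assertion in OauthClientOwnerTest.php pins the grant but adds no case for a missing client with an unresolvable token; execute() starts and ends outside the hunk.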
@@ -42,7 +42,7 @@ class OauthClientOwnerTest extends TestCase {
 $this->assertFalse($rule->execute('token', $item, []));
 $this->assertTrue($rule->execute('token', $item, ['clientId' => 'admin-oauth-client']));
- $this->assertFalse($rule->execute('token', $item, ['clientId' => 'not-exists-client']));
+ $this->assertTrue($rule->execute('token', $item, ['clientId' => 'not-exists-client']));
 $account->id = 2;
 $this->assertFalse($rule->execute('token', $item, ['clientId' => 'admin-oauth-client']));
 $item->name = P::VIEW_OWN_OAUTH_CLIENTS;