diff --git a/helmchart/single-sign-on/requirements.yaml b/helmchart/single-sign-on/requirements.yaml
index f03d08f39d3d61d83bdbf0921bfe2dd84e919742..62e9238fd6c5f2f0ba9fa831f76c1d220b35b078 100644
--- a/helmchart/single-sign-on/requirements.yaml
+++ b/helmchart/single-sign-on/requirements.yaml
@@ -1,6 +1,6 @@
 dependencies:
   - name: hydra
-    version: 0.0.46
+    version: 0.0.47
     repository: "@ory"
     tags:
       - single-sign-on
diff --git a/helmchart/single-sign-on/templates/deployment-consent.yaml b/helmchart/single-sign-on/templates/deployment-consent.yaml
index c2c8b1f29930cca2d63c172cc9925a80ec65aa2f..69a8926fc62fe6af68c0449d75e24a668efc6d8e 100644
--- a/helmchart/single-sign-on/templates/deployment-consent.yaml
+++ b/helmchart/single-sign-on/templates/deployment-consent.yaml
@@ -20,7 +20,7 @@ spec:
           imagePullPolicy: Always
           env:
             - name: HYDRA_ADMIN_URL
-              value: http://{{ .Release.Name }}-admin:4445
+              value: http://{{ .Release.Name }}-hydra-admin:4445
             - name: GRAPHQL_URL
               value: http://{{ include "single-sign-on.fullname" . }}-userbackend/graphql
           ports:
diff --git a/helmchart/single-sign-on/templates/deployment-login.yaml b/helmchart/single-sign-on/templates/deployment-login.yaml
index 8910ee7d4af07bc98713d4d5950f127879b4faaa..e91f9e968f704286b381c9d216bc7793068f7d83 100644
--- a/helmchart/single-sign-on/templates/deployment-login.yaml
+++ b/helmchart/single-sign-on/templates/deployment-login.yaml
@@ -20,7 +20,7 @@ spec:
           imagePullPolicy: Always
           env:
             - name: HYDRA_ADMIN_URL
-              value: http://{{ .Release.Name }}-admin:4445
+              value: http://{{ .Release.Name }}-hydra-admin:4445
             - name: GRAPHQL_URL
               value: http://{{ include "single-sign-on.fullname" . }}-userbackend/graphql
           ports:
diff --git a/helmchart/single-sign-on/templates/deployment-userfrontend.yaml b/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
index 1aa814ab16d344276dd0cebb14a38537a7df3d04..2b0e8458d2d386e66fe40c1bcda9f44017357644 100644
--- a/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
+++ b/helmchart/single-sign-on/templates/deployment-userfrontend.yaml
@@ -38,12 +38,12 @@ spec:
             - name: OAUTH_CLIENT_ID
               valueFrom:
                 secretKeyRef:
-                  name: {{ include "single-sign-on.fullname" . }}-oauth2client-userpanel
+                  name: userpanel-oauth2-client
                   key: client_id
             - name: OAUTH_CLIENT_SECRET
               valueFrom:
                 secretKeyRef:
-                  name: {{ include "single-sign-on.fullname" . }}-oauth2client-userpanel
+                  name: userpanel-oauth2-client
                   key: client_secret
           ports:
             - name: userpanel
diff --git a/helmchart/single-sign-on/templates/job-create-oauth2-client-userpanel.yaml b/helmchart/single-sign-on/templates/job-create-oauth2-client-userpanel.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3abecb3347c35bc276a75cd076a19f889affc842
--- /dev/null
+++ b/helmchart/single-sign-on/templates/job-create-oauth2-client-userpanel.yaml
@@ -0,0 +1,66 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "single-sign-on.fullname" . }}-create-oauth2-client
+  labels:
+{{ include "single-sign-on.labels" . | indent 4 }}
+  annontations:
+    "helm.sh/hook": post-install
+    "helm.sh/hook-weight": "-5"
+    "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+        app.kubernetes.io/instance: {{.Release.Name | quote }}
+        helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+    spec:
+      restartPolicy: Never
+      containers:
+      - name: user-panel
+        image: "open.greenhost.net:4567/openappstack/user-panel/backend:minimal-frontend"
+        env:
+        - name: CLIENT_ID
+          valueFrom:
+            secretKeyRef:
+              name: userpanel-oauth2-client
+              key: client_id
+        - name: CLIENT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: userpanel-oauth2-client
+              key: client_secret
+        - name: CLIENT_NAME
+          value: user-panel
+        - name: REDIRECT_URI
+          value: "https://{{ .Values.userpanel.ingress.host }}/callback"
+        - name: SCOPES
+          value: "openid profile email openappstack_roles"
+        - name: CLIENT_URI
+          value: "https://{{ .Values.userpanel.ingress.host }}"
+        - name: CLIENT_LOGO_URI
+          value: "https://{{ .Values.userpanel.ingress.host }}/favicon.ico"
+        - name: TOKEN_ENDPOINT_AUTH_METHOD
+          value: client_secret_basic
+        - name: RESPONSE_TYPES
+          value: token
+        - name: GRANT_TYPES
+          value: implicit
+        command: ["/bin/bash", "-c"]
+        args:
+        - >
+          curl http://{{ .Release.Name }}-hydra-admin:4445/clients &&
+          curl --header "Content-Type: application/json" \
+               --request POST \
+               --data "{\"client_id\": \"$CLIENT_ID\",
+                        \"client_name\": \"$CLIENT_NAME\",
+                        \"client_secret\": \"$CLIENT_SECRET\",
+                        \"client_uri\": \"$CLIENT_URI\",
+                        \"logo_uri\": \"$CLIENT_LOGO_URI\",
+                        \"redirect_uris\": [\"$REDIRECT_URI\"],
+                        \"scope\": \"$SCOPES\",
+                        \"grant_types\": [\"$GRANT_TYPES\"],
+                        \"response_types\": [\"$RESPONSE_TYPES\"],
+                        \"token_endpoint_auth_method\": \"client_secret_post\"}" \
+               http://{{ .Release.Name }}-hydra-admin:4445/clients
diff --git a/helmchart/single-sign-on/templates/oauth2client-user-panel.yaml b/helmchart/single-sign-on/templates/oauth2client-user-panel.yaml
deleted file mode 100644
index b8c0a0de3877ffcd5cdb8f8f61bd5496f67f6f26..0000000000000000000000000000000000000000
--- a/helmchart/single-sign-on/templates/oauth2client-user-panel.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: hydra.ory.sh/v1alpha1
-kind: OAuth2Client
-metadata:
-  name: user-panel
-  labels:
-{{ include "single-sign-on.labels" . | indent 4 }}
-spec:
-  grantTypes: ["implicit"]
-  responseTypes: ["token"]
-  scope: "opeind profile email openappstack_roles"
-  redirectUris: [ "https://{{ .Values.userpanel.ingress.host }}/callback" ]
-  tokenEndPointAuthMethod: "client_secret_basic"
-  secretName: {{ include "single-sign-on.fullname" . }}-oauth2client-userpanel
diff --git a/helmchart/single-sign-on/templates/secret-oauth2-client-userpanel.yaml b/helmchart/single-sign-on/templates/secret-oauth2-client-userpanel.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..4ec23581b14c77a6edc12bec843720ab9ec50942
--- /dev/null
+++ b/helmchart/single-sign-on/templates/secret-oauth2-client-userpanel.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    name: userpanel-oauth2-client
+type: Opaque
+data:
+  client_id: {{ uuidv4 | b64enc }}
+  client_secret: {{ randAlphaNum 32 | b64enc }}
diff --git a/helmchart/single-sign-on/values.yaml b/helmchart/single-sign-on/values.yaml
index 0aeb2d20b29798b9ab629d8718c87633476365e1..73e2b838a20c947d85038d3199de0f06a5a5f753 100644
--- a/helmchart/single-sign-on/values.yaml
+++ b/helmchart/single-sign-on/values.yaml
@@ -10,6 +10,8 @@ userbackend:
     password: "postgres"
 
 hydra:
+  maester:
+    enabled: false
   hydra:
     dangerousForceHttp: true
     config: