diff --git a/lib/config/configuration_test.go b/lib/config/configuration_test.go
index 60a86d8815131..83f6dbbf39991 100644
--- a/lib/config/configuration_test.go
+++ b/lib/config/configuration_test.go
@@ -3673,6 +3673,10 @@ func TestAuthHostedPlugins(t *testing.T) {
 				require.NotNil(t, p.OAuthProviders.Slack)
 				require.Equal(t, "foo", p.OAuthProviders.Slack.ID)
 				require.Equal(t, "bar", p.OAuthProviders.Slack.Secret)
+
+				require.NotNil(t, p.OAuthProviders.SlackCredentials)
+				require.Equal(t, "foo", p.OAuthProviders.SlackCredentials.ClientID)
+				require.Equal(t, "bar", p.OAuthProviders.SlackCredentials.ClientSecret)
 			},
 		},
 	}
diff --git a/lib/config/fileconf.go b/lib/config/fileconf.go
index 8a666b8221803..d221f46c461d0 100644
--- a/lib/config/fileconf.go
+++ b/lib/config/fileconf.go
@@ -1321,7 +1321,11 @@ func (p *PluginOAuthProviders) Parse() (servicecfg.PluginOAuthProviders, error)
 		if err != nil {
 			return out, trace.Wrap(err)
 		}
-		out.Slack = slack
+		out.Slack = &oauth2.ClientCredentials{
+			ID:     slack.ClientID,
+			Secret: slack.ClientSecret,
+		}
+		out.SlackCredentials = slack
 	}
 	return out, nil
 }
@@ -1335,7 +1339,7 @@ type OAuthClientCredentials struct {
 	ClientSecret string `yaml:"client_secret"`
 }
 
-func (o *OAuthClientCredentials) Parse() (*oauth2.ClientCredentials, error) {
+func (o *OAuthClientCredentials) Parse() (*servicecfg.OAuthClientCredentials, error) {
 	if o.ClientID == "" || o.ClientSecret == "" {
 		return nil, trace.BadParameter("both client_id and client_secret paths must be specified")
 	}
@@ -1354,9 +1358,9 @@ func (o *OAuthClientCredentials) Parse() (*oauth2.ClientCredentials, error) {
 	}
 	clientSecret = strings.TrimSpace(string(content))
 
-	return &oauth2.ClientCredentials{
-		ID:     clientID,
-		Secret: clientSecret,
+	return &servicecfg.OAuthClientCredentials{
+		ClientID:     clientID,
+		ClientSecret: clientSecret,
 	}, nil
 }
 
diff --git a/lib/service/servicecfg/auth.go b/lib/service/servicecfg/auth.go
index 3663ea25ae0ea..1ecc416e3c453 100644
--- a/lib/service/servicecfg/auth.go
+++ b/lib/service/servicecfg/auth.go
@@ -178,7 +178,18 @@ type HostedPluginsConfig struct {
 // PluginOAuthProviders holds application credentials for each
 // 3rd party API provider
 type PluginOAuthProviders struct {
+	// TODO(tross) delete once teleport.e has been converted.
+	// Deprecated: use SlackCredentials instead.
 	Slack *oauth2.ClientCredentials
+
+	SlackCredentials *OAuthClientCredentials
+}
+
+// OAuthClientCredentials stores the client_id and client_secret
+// of an OAuth application.
+type OAuthClientCredentials struct {
+	ClientID     string
+	ClientSecret string
 }
 
 // KeystoreConfig configures the auth keystore.