diff --git a/config/config.go b/config/config.go
index 1b9e8f85..4f182e55 100644
--- a/config/config.go
+++ b/config/config.go
@@ -9,20 +9,19 @@ import (
 	"strconv"
 )
 
-// Default config parameters values
 const (
-	DefaultBaseURL                 = "http://localhost"
-	DefaultDatabaseURL             = "postgres://postgres:postgres@localhost/miniflux2?sslmode=disable"
-	DefaultWorkerPoolSize          = 5
-	DefaultPollingFrequency        = 60
-	DefaultBatchSize               = 10
-	DefaultDatabaseMaxConns        = 20
-	DefaultListenAddr              = "127.0.0.1:8080"
-	DefaultCertFile                = ""
-	DefaultKeyFile                 = ""
-	DefaultCertDomain              = ""
-	DefaultCertCache               = "/tmp/cert_cache"
-	DefaultSessionCleanupFrequency = 24
+	defaultBaseURL                 = "http://localhost"
+	defaultDatabaseURL             = "postgres://postgres:postgres@localhost/miniflux2?sslmode=disable"
+	defaultWorkerPoolSize          = 5
+	defaultPollingFrequency        = 60
+	defaultBatchSize               = 10
+	defaultDatabaseMaxConns        = 20
+	defaultListenAddr              = "127.0.0.1:8080"
+	defaultCertFile                = ""
+	defaultKeyFile                 = ""
+	defaultCertDomain              = ""
+	defaultCertCache               = "/tmp/cert_cache"
+	defaultSessionCleanupFrequency = 24
 )
 
 // Config manages configuration parameters.
@@ -30,8 +29,7 @@ type Config struct {
 	IsHTTPS bool
 }
 
-// Get returns a config parameter value.
-func (c *Config) Get(key, fallback string) string {
+func (c *Config) get(key, fallback string) string {
 	value := os.Getenv(key)
 	if value == "" {
 		return fallback
@@ -40,8 +38,7 @@ func (c *Config) Get(key, fallback string) string {
 	return value
 }
 
-// GetInt returns a config parameter as integer.
-func (c *Config) GetInt(key string, fallback int) int {
+func (c *Config) getInt(key string, fallback int) int {
 	value := os.Getenv(key)
 	if value == "" {
 		return fallback
@@ -53,62 +50,87 @@ func (c *Config) GetInt(key string, fallback int) int {
 
 // BaseURL returns the application base URL.
 func (c *Config) BaseURL() string {
-	return c.Get("BASE_URL", DefaultBaseURL)
+	return c.get("BASE_URL", defaultBaseURL)
 }
 
 // DatabaseURL returns the database URL.
 func (c *Config) DatabaseURL() string {
-	return c.Get("DATABASE_URL", DefaultDatabaseURL)
+	return c.get("DATABASE_URL", defaultDatabaseURL)
 }
 
 // DatabaseMaxConnections returns the number of maximum database connections.
 func (c *Config) DatabaseMaxConnections() int {
-	return c.GetInt("DATABASE_MAX_CONNS", DefaultDatabaseMaxConns)
+	return c.getInt("DATABASE_MAX_CONNS", defaultDatabaseMaxConns)
 }
 
 // ListenAddr returns the listen address for the HTTP server.
 func (c *Config) ListenAddr() string {
-	return c.Get("LISTEN_ADDR", DefaultListenAddr)
+	return c.get("LISTEN_ADDR", defaultListenAddr)
 }
 
 // CertFile returns the SSL certificate filename if any.
 func (c *Config) CertFile() string {
-	return c.Get("CERT_FILE", DefaultCertFile)
+	return c.get("CERT_FILE", defaultCertFile)
 }
 
 // KeyFile returns the private key filename for custom SSL certificate.
 func (c *Config) KeyFile() string {
-	return c.Get("KEY_FILE", DefaultKeyFile)
+	return c.get("KEY_FILE", defaultKeyFile)
 }
 
 // CertDomain returns the domain to use for Let's Encrypt certificate.
 func (c *Config) CertDomain() string {
-	return c.Get("CERT_DOMAIN", DefaultCertDomain)
+	return c.get("CERT_DOMAIN", defaultCertDomain)
 }
 
 // CertCache returns the directory to use for Let's Encrypt session cache.
 func (c *Config) CertCache() string {
-	return c.Get("CERT_CACHE", DefaultCertCache)
+	return c.get("CERT_CACHE", defaultCertCache)
 }
 
 // SessionCleanupFrequency returns the interval for session cleanup.
 func (c *Config) SessionCleanupFrequency() int {
-	return c.GetInt("SESSION_CLEANUP_FREQUENCY", DefaultSessionCleanupFrequency)
+	return c.getInt("SESSION_CLEANUP_FREQUENCY", defaultSessionCleanupFrequency)
 }
 
 // WorkerPoolSize returns the number of background worker.
 func (c *Config) WorkerPoolSize() int {
-	return c.GetInt("WORKER_POOL_SIZE", DefaultWorkerPoolSize)
+	return c.getInt("WORKER_POOL_SIZE", defaultWorkerPoolSize)
 }
 
 // PollingFrequency returns the interval to refresh feeds in the background.
 func (c *Config) PollingFrequency() int {
-	return c.GetInt("POLLING_FREQUENCY", DefaultPollingFrequency)
+	return c.getInt("POLLING_FREQUENCY", defaultPollingFrequency)
 }
 
 // BatchSize returns the number of feeds to send for background processing.
 func (c *Config) BatchSize() int {
-	return c.GetInt("BATCH_SIZE", DefaultBatchSize)
+	return c.getInt("BATCH_SIZE", defaultBatchSize)
+}
+
+// IsOAuth2UserCreationAllowed returns true if user creation is allowed for OAuth2 users.
+func (c *Config) IsOAuth2UserCreationAllowed() bool {
+	return c.getInt("OAUTH2_USER_CREATION", 0) == 1
+}
+
+// OAuth2ClientID returns the OAuth2 Client ID.
+func (c *Config) OAuth2ClientID() string {
+	return c.get("OAUTH2_CLIENT_ID", "")
+}
+
+// OAuth2ClientSecret returns the OAuth2 client secret.
+func (c *Config) OAuth2ClientSecret() string {
+	return c.get("OAUTH2_CLIENT_SECRET", "")
+}
+
+// OAuth2RedirectURL returns the OAuth2 redirect URL.
+func (c *Config) OAuth2RedirectURL() string {
+	return c.get("OAUTH2_REDIRECT_URL", "")
+}
+
+// OAuth2Provider returns the name of the OAuth2 provider configured.
+func (c *Config) OAuth2Provider() string {
+	return c.get("OAUTH2_PROVIDER", "")
 }
 
 // NewConfig returns a new Config.
diff --git a/template/template.go b/template/template.go
index 0e45c3d1..e392dad1 100644
--- a/template/template.go
+++ b/template/template.go
@@ -39,7 +39,7 @@ func (e *Engine) parseAll() {
 			return e.cfg.BaseURL()
 		},
 		"hasOAuth2Provider": func(provider string) bool {
-			return e.cfg.Get("OAUTH2_PROVIDER", "") == provider
+			return e.cfg.OAuth2Provider() == provider
 		},
 		"hasKey": func(dict map[string]string, key string) bool {
 			if value, found := dict[key]; found {
diff --git a/ui/oauth2.go b/ui/oauth2.go
index 12ca5723..4afc7d8e 100644
--- a/ui/oauth2.go
+++ b/ui/oauth2.go
@@ -11,6 +11,7 @@ import (
 	"github.com/miniflux/miniflux/logger"
 	"github.com/miniflux/miniflux/model"
 	"github.com/miniflux/miniflux/oauth2"
+
 	"github.com/tomasen/realip"
 )
 
@@ -102,7 +103,7 @@ func (c *Controller) OAuth2Callback(ctx *handler.Context, request *handler.Reque
 	}
 
 	if user == nil {
-		if c.cfg.GetInt("OAUTH2_USER_CREATION", 0) == 0 {
+		if !c.cfg.IsOAuth2UserCreationAllowed() {
 			response.HTML().Forbidden()
 			return
 		}
@@ -163,8 +164,8 @@ func (c *Controller) OAuth2Unlink(ctx *handler.Context, request *handler.Request
 
 func getOAuth2Manager(cfg *config.Config) *oauth2.Manager {
 	return oauth2.NewManager(
-		cfg.Get("OAUTH2_CLIENT_ID", ""),
-		cfg.Get("OAUTH2_CLIENT_SECRET", ""),
-		cfg.Get("OAUTH2_REDIRECT_URL", ""),
+		cfg.OAuth2ClientID(),
+		cfg.OAuth2ClientSecret(),
+		cfg.OAuth2RedirectURL(),
 	)
 }