diff --git a/ocm/client.go b/ocm/client.go
index b658a2a9db9a878545e1d53c18ede72c6ad4548c..862b1c3fbd0ce1514988731c3fbc3d1c0aa3b34d 100644
--- a/ocm/client.go
+++ b/ocm/client.go
@@ -6,6 +6,12 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"net/url"
+)
+
+const (
+	proofOutOfBandPath    = "/proof/v1/out-of-band-proof"
+	proofPresentationPath = "/proof/v1/find-by-presentation-id"
 )
 
 // Client is the OCM service client
@@ -30,12 +36,18 @@ func New(addr string, opts ...Option) *Client {
 
 // GetLoginProofInvitation calls the "invitation" endpoint on
 // the "out-of-band" protocol in the OCM.
-func (c *Client) GetLoginProofInvitation(ctx context.Context, query string) (*LoginProofInvitationResponse, error) {
-	req, err := http.NewRequestWithContext(ctx, "POST", c.addr+"/proof/v1/out-of-band-proof?"+query, nil)
+func (c *Client) GetLoginProofInvitation(ctx context.Context, credTypes []string) (*LoginProofInvitationResponse, error) {
+	req, err := http.NewRequestWithContext(ctx, "POST", c.addr+proofOutOfBandPath, nil)
 	if err != nil {
 		return nil, err
 	}
 
+	v := url.Values{}
+	for _, t := range credTypes {
+		v.Add("type", t)
+	}
+	req.URL.RawQuery = v.Encode()
+
 	resp, err := c.httpClient.Do(req)
 	if err != nil {
 		return nil, err
@@ -43,7 +55,7 @@ func (c *Client) GetLoginProofInvitation(ctx context.Context, query string) (*Lo
 	defer resp.Body.Close() // nolint:errcheck
 
 	if resp.StatusCode != http.StatusCreated && resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("unexpected response code: %d", resp.StatusCode)
+		return nil, fmt.Errorf("unexpected response code: %s", resp.Status)
 	}
 
 	bytes, err := io.ReadAll(resp.Body)
@@ -61,11 +73,15 @@ func (c *Client) GetLoginProofInvitation(ctx context.Context, query string) (*Lo
 
 // GetLoginProofResult calls the "find-by-presentation-id" endpoint in the OCM.
 func (c *Client) GetLoginProofResult(ctx context.Context, presentationID string) (*LoginProofResultResponse, error) {
-	req, err := http.NewRequestWithContext(ctx, "GET", c.addr+"/proof/v1/find-by-presentation-id?presentationId="+presentationID, nil)
+	req, err := http.NewRequestWithContext(ctx, "GET", c.addr+proofPresentationPath, nil)
 	if err != nil {
 		return nil, err
 	}
 
+	v := url.Values{}
+	v.Add("presentationId", presentationID)
+	req.URL.RawQuery = v.Encode()
+
 	resp, err := c.httpClient.Do(req)
 	if err != nil {
 		return nil, err
@@ -73,7 +89,7 @@ func (c *Client) GetLoginProofResult(ctx context.Context, presentationID string)
 	defer resp.Body.Close() // nolint:errcheck
 
 	if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("unexpected response code: %d", resp.StatusCode)
+		return nil, fmt.Errorf("unexpected response code: %s", resp.Status)
 	}
 
 	bytes, err := io.ReadAll(resp.Body)