diff --git a/cmd/helper_server.go b/cmd/helper_server.go index 8c974f56e2..85cb1b8423 100644 --- a/cmd/helper_server.go +++ b/cmd/helper_server.go 
@@ -50,53 +50,56 @@ func getHydraSDK() hydra.SDK { return sdk } -func refreshRules(m rule.Refresher, fails int) { +func refreshRules(m rule.Refresher) { duration, _ := time.ParseDuration(viper.GetString("RULES_REFRESH_INTERVAL")) if duration == 0 { duration = time.Second * 30 } - if err := m.Refresh(); err != nil { - logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh rules") - if fails > 15 { - logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails) - } - - time.Sleep(time.Second * time.Duration(fails+1)) - refreshRules(m, fails+1) - return - } + var fails int + for { + if err := m.Refresh(); err != nil { + logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh rules") + if fails > 15 { + logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails) + } - time.Sleep(duration) + time.Sleep(time.Second * time.Duration(fails+1)) - refreshRules(m, 0) + fails++ + } else { + time.Sleep(duration) + fails = 0 + } + } } -func refreshKeys(k rsakey.Manager, fails int) { +func refreshKeys(k rsakey.Manager) { duration, _ := time.ParseDuration(viper.GetString("CREDENTIALS_ISSUER_ID_TOKEN_JWK_REFRESH_INTERVAL")) if duration == 0 { duration = time.Minute * 5 } - if err := k.Refresh(); err != nil { - logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh keys for signing ID Token, 'id_token' credentials issuer will not work.") - //if fails > 15 { - // logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails) - //} - - wait := fails - if wait > 10 { - wait = 10 + var fails int + for { + if err := k.Refresh(); err != nil { + logger.WithError(err).WithField("retry", fails).Errorln("Unable to refresh keys for signing ID Token, 'id_token' credentials issuer will not work.") + //if fails > 15 { + // logger.WithError(err).WithField("retry", fails).Fatalf("Terminating after retry %d\n", fails) + //} + + wait := fails + if 
wait > 10 { + wait = 10 + } + time.Sleep(time.Second * time.Duration(wait^2)) + + fails++ + } else { + fails = 0 + time.Sleep(duration) } - time.Sleep(time.Second * time.Duration(wait^2)) - - refreshKeys(k, fails+1) - return } - - time.Sleep(duration) - - refreshKeys(k, 1) } func keyManagerFactory(l logrus.FieldLogger) (keyManager rsakey.Manager, err error) { diff --git a/cmd/serve_api.go b/cmd/serve_api.go index 3fb0804fbb..be06c5a45b 100644 --- a/cmd/serve_api.go +++ b/cmd/serve_api.go @@ -109,7 +109,7 @@ HTTP CONTROLS n.UseHandler(router) ch := cors.New(corsx.ParseOptions()).Handler(n) - go refreshKeys(keyManager, 0) + go refreshKeys(keyManager) addr := fmt.Sprintf("%s:%s", viper.GetString("HOST"), viper.GetString("PORT")) server := graceful.WithDefaults(&http.Server{ diff --git a/cmd/serve_proxy.go b/cmd/serve_proxy.go index ae44539e83..58c8ccb0c6 100644 --- a/cmd/serve_proxy.go +++ b/cmd/serve_proxy.go @@ -159,8 +159,8 @@ OTHER CONTROLS logger.WithError(err).Fatalln("Unable to initialize the ID Token signing algorithm") } - go refreshRules(matcher, 0) - go refreshKeys(keyManager, 0) + go refreshRules(matcher) + go refreshKeys(keyManager) var authorizers = []proxy.Authorizer{ proxy.NewAuthorizerAllow(),
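Review bot: In refreshKeys the backoff `time.Sleep(time.Second * time.Duration(wait^2))` is carried into the new loop unchanged, and `^` in Go is bitwise XOR, not exponentiation. With `wait` capped at 10 the sleep runs 2s, 3s, 0s, 1s, 6s, 7s, ..., so the third consecutive failure retries the signing-key refresh with no delay at all and the delay never exceeds 11s. If a quadratic backoff was intended, the line should be `time.Sleep(time.Second * time.Duration(wait*wait))`. Separately, both refreshRules and refreshKeys discard the `time.ParseDuration` error and test only `duration == 0`, so a negative configured interval reaches `time.Sleep(duration)`, which returns immediately and turns the success branch into a tight loop. Changing the check to `if duration <= 0 {` would cover that case.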