diff --git a/consent/handler.go b/consent/handler.go
index b989ec9e389..4af6a9751a3 100644
--- a/consent/handler.go
+++ b/consent/handler.go
@@ -172,9 +172,9 @@ func (h *Handler) GetConsentSessions(w http.ResponseWriter, r *http.Request, ps
 		h.H.WriteError(w, r, errors.WithStack(fosite.ErrInvalidRequest.WithDebug("Parameter user is not defined")))
 		return
 	}
-	limit, offset := pagination.Parse(r, 100, 0, 500)
 
-	sessions, err := h.M.FindPreviouslyGrantedConsentRequestsByUser(r.Context(), user, limit, offset)
+	limit, offset := pagination.Parse(r, 100, 0, 500)
+	s, err := h.M.FindPreviouslyGrantedConsentRequestsByUser(r.Context(), user, limit, offset)
 	if errors.Cause(err) == ErrNoPreviousConsentFound {
 		h.H.Write(w, r, []PreviousConsentSession{})
 		return
@@ -185,7 +185,7 @@ func (h *Handler) GetConsentSessions(w http.ResponseWriter, r *http.Request, ps
 
 	var a []PreviousConsentSession
 
-	for _, session := range sessions {
+	for _, session := range s {
 		session.ConsentRequest.Client = sanitizeClient(session.ConsentRequest.Client)
 		a = append(a, PreviousConsentSession(session))
 	}
diff --git a/consent/manager_sql.go b/consent/manager_sql.go
index d8e2acf9ace..aae750a5dd1 100644
--- a/consent/manager_sql.go
+++ b/consent/manager_sql.go
@@ -409,7 +409,8 @@ WHERE
 		r.subject=? AND r.client_id=? AND r.skip=FALSE
 	AND
 		(h.error='{}' AND h.remember=TRUE)
-`), subject, client); err != nil {
+ORDER BY h.requested_at
+LIMIT 1`), subject, client); err != nil {
 		if err == sql.ErrNoRows {
 			return nil, errors.WithStack(ErrNoPreviousConsentFound)
 		}
@@ -430,6 +431,7 @@ WHERE
 		r.subject=? AND r.skip=FALSE
 	AND
 		(h.error='{}' AND h.remember=TRUE)
+ORDER BY h.requested_at
 LIMIT ? OFFSET ?
 `), subject, limit, offset); err != nil {
 		return nil, sqlcon.HandleError(err)