diff --git a/apps/charts/coder/templates/oidc.yaml b/apps/charts/coder/templates/oidc.yaml
new file mode 100644
index 0000000..c13745f
--- /dev/null
+++ b/apps/charts/coder/templates/oidc.yaml
@@ -0,0 +1 @@
+{{ include "common.oidc" . }}
diff --git a/apps/charts/coder/values.yaml b/apps/charts/coder/values.yaml
index 021088a..9930b97 100644
--- a/apps/charts/coder/values.yaml
+++ b/apps/charts/coder/values.yaml
@@ -10,19 +10,25 @@ deployment:
 strategy: Recreate
 replicas: 1
 revisionHistoryLimit: 0
- serviceAccountName: "{release}-serviceaccount" # Will be templated
+ serviceAccountName: "{release}-serviceaccount" # Will be templated
 # Container configuration
 container:
 port: 7080
 healthProbe:
 type: tcpSocket
- port: http # Use named port
+ port: http # Use named port
 # Service configuration
 service:
 port: 80
 type: ClusterIP
+ #
+# OIDC client
+oidc:
+ enabled: true
+ redirectUris:
+ - "/api/v2/users/oidc/callback"
 # Volume configuration
 volumes:
@@ -49,7 +55,7 @@ env:
 CODER_OIDC_GROUP_FIELD: groups
 CODER_ACCESS_URL:
 value: "https://{subdomain}.{domain}"
- CODER_OIDC_ICON_URL: "https://authentik.olsen.cloud/static/dist/assets/icons/icon.png"
+ CODER_OIDC_ICON_URL: "https://{subdomain}.{domain}/static/dist/assets/icons/icon.png"
 CODER_DISABLE_PASSWORD_AUTH: "true"
 CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS: "false"
 CODER_OIDC_SIGN_IN_TEXT: "Sign in with OIDC"
@@ -57,15 +63,15 @@ env:
 CODER_OIDC_ISSUER_URL:
 valueFrom:
 secretKeyRef:
- name: "{release}-client"
- key: configurationIssuer
+ name: "{release}-oidc-credentials"
+ key: issuer
 CODER_OIDC_CLIENT_ID:
 valueFrom:
 secretKeyRef:
- name: "{release}-client"
+ name: "{release}-oidc-credentials"
 key: clientId
 CODER_OIDC_CLIENT_SECRET:
 valueFrom:
 secretKeyRef:
- name: "{release}-client"
+ name: "{release}-oidc-credentials"
 key: clientSecret
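Review bot: The `redirectUris` entry added under `oidc:` is a bare path, `/api/v2/users/oidc/callback`, and nothing in this hunk says how it becomes the absolute URI the identity provider compares against. Presumably the `common.oidc` helper prefixes it with the release host, but that template is not part of this diff, so confirm that the provider ends up with the exact `https://{subdomain}.{domain}/api/v2/users/oidc/callback` and matches it strictly rather than by prefix or pattern. Once confirmed, a comment above the list such as `# path only; common.oidc prepends the release host` would record the contract. The stray `#` line added just before `# OIDC client` can be dropped.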
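Review bot: The new `CODER_OIDC_ICON_URL` uses the same `{subdomain}.{domain}` placeholders as `CODER_ACCESS_URL` two lines above, yet keeps the path `/static/dist/assets/icons/icon.png` that the old value requested from the identity provider's host. If those placeholders expand to the Coder hostname, as they appear to for the access URL, the sign-in button will request an asset Coder is unlikely to serve. Either build the URL from a value that names the provider's host or drop the variable so the default icon is used. A short comment on the line saying which host serves the icon would prevent the same mix-up later.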
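Review bot: All three `secretKeyRef` entries in this hunk now read from `{release}-oidc-credentials`, and the issuer key is renamed from `configurationIssuer` to `issuer`, but the object that creates that Secret is not visible in the diff. None of the references sets `optional`, so the pod will not start until the Secret exists with exactly the keys `issuer`, `clientId` and `clientSecret`. Because `CODER_DISABLE_PASSWORD_AUTH` is `"true"` in the preceding hunk's context, there is also no fallback login if those values are wrong. Confirm that `common.oidc` emits these key names under this Secret name. After the switch, delete the old `{release}-client` Secret or rotate its client secret so an unused credential does not linger in the namespace.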