diff --git a/src/project/settings.py b/src/project/settings.py
index cae71a8..e33d402 100644
--- a/src/project/settings.py
+++ b/src/project/settings.py
@@ -42,6 +42,7 @@ THIRD_PARTY_APPS = [
     "allauth.account",
     "django_view_decorator",
     "django_registries",
+    "oauth2_provider",
 ]
 
 LOCAL_APPS = [
@@ -156,6 +157,21 @@ ACCOUNT_EMAIL_REQUIRED = True
 ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE = False
 ACCOUNT_USERNAME_REQUIRED = False
 
+# OAuth2 configuration
+OAUTH2_PROVIDER = {
+    "OIDC_ENABLED": True,
+    "OIDC_RSA_PRIVATE_KEY": env.str("OIDC_RSA_PRIVATE_KEY"),
+    # "OIDC_RSA_PRIVATE_KEYS_INACTIVE": [
+    #     env.str("OIDC_RSA_PRIVATE_KEY_2"),
+    #     env.str("OIDC_RSA_PRIVATE_KEY_3"),
+    # ],
+    "SCOPES": {
+        "openid": "OpenID Connect scope",
+        "profile": "Profile Information",
+    },
+    "PKCE_REQUIRED": False,  # this can be a callable - https://github.com/jazzband/django-oauth-toolkit/issues/711#issuecomment-497073038
+}
+
 # Logging
 # We want to log everything to stdout in docker
 LOGGING = {
diff --git a/src/project/urls.py b/src/project/urls.py
index 8de19c6..cdd63e3 100644
--- a/src/project/urls.py
+++ b/src/project/urls.py
@@ -7,6 +7,7 @@ from django_view_decorator import include_view_urls
 
 urlpatterns = [
     path("", include_view_urls(extra_modules=["project.views"])),
+    path("o/", include("oauth2_provider.urls", namespace="oauth2_provider")),
     path("accounts/", include("allauth.urls")),
     path("_admin/", admin.site.urls),
 ]