diff --git a/template/stacks/core/argocd/values.yaml b/template/stacks/core/argocd/values.yaml
index 729db4c..cc5d937 100644
--- a/template/stacks/core/argocd/values.yaml
+++ b/template/stacks/core/argocd/values.yaml
@@ -5,7 +5,7 @@ configs:
   params:
     server.insecure: true
     server.basehref: /argocd
-    server.rootpath: /argocd
+    # server.rootpath: /argocd
   cm:
     application.resourceTrackingMethod: annotation
     timeout.reconciliation: 60s
@@ -21,6 +21,12 @@ configs:
         clusters:
         - "*"
     accounts.provider-argocd: apiKey
+    oidc.config: |
+      name: Keycloak
+      issuer: https://factory-192-168-198-2.traefik.me/keycloak/realms/cnoe
+      clientID: argocd
+      clientSecret: $keycloak-oidc:clientSecret
+      requestedScopes: ["openid", "profile", "email", "groups"]
   rbac:
     policy.csv: 'g, provider-argocd, role:admin'
 
diff --git a/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml b/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml
index 3d1e93a..037ccde 100644
--- a/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml
+++ b/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml
@@ -474,8 +474,8 @@ spec:
                 -X PUT  ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID}
               
               ARGOCD_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \
-              -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
-              -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret')  
+                -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \
+                -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret')  
               
               ARGOCD_PASSWORD=$(./kubectl -n argocd get secret argocd-initial-admin-secret -o go-template='{{.data.password | base64decode }}')