diff --git a/manifests/platform/argocd/operator/components/argocd.yaml b/manifests/platform/argocd/operator/components/argocd.yaml
index 7831167..30c9a78 100644
--- a/manifests/platform/argocd/operator/components/argocd.yaml
+++ b/manifests/platform/argocd/operator/components/argocd.yaml
@@ -100,13 +100,12 @@ spec:
         memory: 128Mi
     route:
       enabled: true
-  # sso:
-  #   dex:
-  #     resources:
-  #       limits:
-  #         cpu: 500m
-  #         memory: 256Mi
-  #       requests:
-  #         cpu: 250m
-  #         memory: 128Mi
-  #   provider: dex
+  oidcConfig: |
+    name: azure
+    issuer: https://login.microsoftonline.com//v2.0
+    clientID:
+    clientSecret:
+    # Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"]
+    requestedScopes: ["openid", "profile", "email"]
+    # Optional set of OIDC claims to request on the ID token.
+    requestedIDTokenClaims: {"groups": {"essential": true}}
diff --git a/manifests/platform/argocd/operator/components/kustomization.yaml b/manifests/platform/argocd/operator/components/kustomization.yaml
index f8c5fa7..1f72832 100644
--- a/manifests/platform/argocd/operator/components/kustomization.yaml
+++ b/manifests/platform/argocd/operator/components/kustomization.yaml
@@ -5,4 +5,5 @@ resources:
   - argocd.yaml
   - avp-cmp-plugin.yaml
   - google-creds-configmap.yaml
+  - serviceaccount.yaml
   - subscription.yaml
diff --git a/terraform/okd/main.tf b/terraform/okd/main.tf
index e76c544..2e326c5 100644
--- a/terraform/okd/main.tf
+++ b/terraform/okd/main.tf
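Review bot: The `issuer` in the new `oidcConfig` block has an empty tenant segment (`https://login.microsoftonline.com//v2.0`), so OIDC discovery will not resolve to a tenant-specific Azure AD endpoint; it should read `issuer: https://login.microsoftonline.com/<TENANT_ID>/v2.0` with the tenant ID filled in (constructed placeholder). `clientID:` and `clientSecret:` are committed as bare empty values, which YAML inside the block scalar reads as null, and since `oidcConfig` is rendered into the argocd-cm ConfigMap the secret must never be a literal here but a reference into argocd-secret, e.g. `clientSecret: $oidc.azure.clientSecret`, with `clientID` given as a quoted string. The removed commented-out `sso`/`dex` block is history and needs nothing further.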
@@ -161,18 +161,7 @@ resource "azuread_application" "okd_cluster" {
     redirect_uris = [
       "https://oauth-openshift.apps.okd.jenniferpweir.com/oauth2callback/Azure_AD",
       "https://console-openshift-console.apps.okd.jenniferpweir.com/auth/callback",
+      "https://argocd-server-argocd.apps.okd.jenniferpweir.com/auth/callback"
     ]
   }
 }
-
-resource "azuread_service_principal" "okd_cluster" {
-  client_id = azuread_application.okd_cluster.client_id
-}
-
-resource "azuread_application_federated_identity_credential" "okd_cluster_byo_oidc" {
-  application_id = azuread_application.okd_cluster.id
-  display_name = "okd-cluster-byo-oidc"
-  issuer = "https://storage.googleapis.com/jennweir-homelab"
-  subject = "system:serviceaccount:openshift-config:oauth-reader"
-  audiences = ["api://AzureADTokenExchange"]
-}
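Review bot: Removing `azuread_service_principal.okd_cluster` leaves the `okd_cluster` app registration without a service principal in the tenant, and Azure AD typically refuses sign-in to an application that has no service principal, so the Argo CD redirect URI added at the top of the hunk is unlikely to work unless the service principal is now created somewhere not visible in this diff. If the removal is intended, say where the enterprise application comes from; otherwise keep `resource "azuread_service_principal" "okd_cluster" { client_id = azuread_application.okd_cluster.client_id }`. Deleting the federated identity credential for `system:serviceaccount:openshift-config:oauth-reader` also withdraws trust in the `storage.googleapis.com/jennweir-homelab` issuer, which is a sound tightening only if the cluster no longer relies on that token exchange; confirm before merging. The enclosing `azuread_application` resource starts before the hunk.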