diff --git a/apps/wordpress/presentation.tf b/apps/wordpress/presentation.tf
index f5c5106..f65da6e 100644
--- a/apps/wordpress/presentation.tf
+++ b/apps/wordpress/presentation.tf
@@ -11,7 +11,7 @@ locals {
   dns_name = "${var.sub_domain}.${var.domain_name}"
   dns_names = [local.dns_name]
   app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance)
-  icon              = "wp-admin/load-styles.php?c=0&dir=ltr&load%5Bchunk_0%5D=dashicons,admin-bar,common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,wp-pointer,widgets&load%5Bchunk_1%5D=,site-icon,l10n,buttons,wp-auth-check"
+  icon              = "load-styles.php?c=0&dir=ltr&load%5Bchunk_0%5D=dashicons,admin-bar,common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,wp-pointer,widgets&load%5Bchunk_1%5D=,site-icon,l10n,buttons,wp-auth-check"
   request_headers = {
     "Content-Type"  = "application/json"
     Authorization   = "Bearer ${data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]}"
@@ -51,7 +51,7 @@ module "application" {
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
-  dns_name          = local.dns_name
+  dns_name          = "${local.dns_name}/wp-admin"
   icon              = local.icon
   protocol_provider = module.oauth2.provider-id
   providers = {
diff --git a/apps/wordpress/wordpress_ConfigMap.tf b/apps/wordpress/wordpress_ConfigMap.tf
index 1476d39..7b783b6 100644
--- a/apps/wordpress/wordpress_ConfigMap.tf
+++ b/apps/wordpress/wordpress_ConfigMap.tf
@@ -50,6 +50,13 @@ resource "kubectl_manifest" "wordpress_files" {
       "vynil-configurator.sh": |-
         #!/usr/bin/env bash
         set -ex
+        set_opt() {
+          if wp option get "$1" >/dev/null 2>&1;then
+            wp option update --format=json "$1" "$2"
+          else
+            wp option add --format=json "$1" "$2"
+          fi
+        }
         if [ ! -f "$(pwd)/wp-config.php" ];then
           echo "$${WORDPRESS_CONFIG_EXTRA}" | wp config create --dbname="$${WORDPRESS_DB_NAME}" --dbuser="$${WORDPRESS_DB_USER}" --dbpass="$${WORDPRESS_DB_PASSWORD}" --dbhost="$${WORDPRESS_DB_HOST}" --extra-php
         fi
@@ -78,11 +85,13 @@ resource "kubectl_manifest" "wordpress_files" {
           wp language plugin install --all $WORDPRESS_LOCALE
           wp language core activate $WORDPRESS_LOCALE
         fi
-        if wp option get mo_oauth_apps_list >/dev/null 2>&1;then
-          wp option update --format=json mo_oauth_apps_list "$WORDPRESS_SSO_CONFIG"
-        else
-          wp option add --format=json mo_oauth_apps_list "$WORDPRESS_SSO_CONFIG"
-        fi
+        set_opt mo_oauth_apps_list "$WORDPRESS_SSO_CONFIG"
+        set_opt mo_debug_check '"0"'
+        set_opt mo_oauth_client_new_registration '"true"'
+        set_opt mo_oc_valid_discovery_ep '"1"'
+        set_opt mo_discovery_validation '"valid"'
+        set_opt mo_attr_option  '"automatic"'
+        set_opt mo_debug_enable '"on"'
         for ADMIN in $(echo "$WORDPRESS_ADMINS"|sed 's/;/ /g;s/,/ /g');do
           if wp user get $ADMIN >/dev/null 2>&1;then
             wp user add-role $ADMIN administrator