diff --git a/konnect/wrapper.sh b/konnect/wrapper.sh
index e61bcc1..df6d75c 100755
--- a/konnect/wrapper.sh
+++ b/konnect/wrapper.sh
@@ -100,6 +100,17 @@ if [ "${external_oidc_provider:-}" = "yes" ]; then
 echo "Patching identifier registration for external OIDC provider"
 echo "authorities: [{name: ${external_oidc_name:-}, default: yes, iss: ${external_oidc_url:-}, client_id: ${external_oidc_clientid:-}, client_secret: ${external_oidc_clientsecret:-}, authority_type: oidc, response_type: id_token, scopes: [openid, profile, email], trusted: yes, end_session_enabled: true}]" >> /tmp/authority.yml
 yq -y -s '.[0] + .[1]' $CONFIG_JSON /tmp/authority.yml | sponge "$identifier_registration_conf"
+
+ echo "Checking if external OIDC provider is reachable"
+ dockerize \
+ -wait "$external_oidc_url"/.well-known/openid-configuration \
+ -timeout "$DOCKERIZE_TIMEOUT"
+
+ reported_issuer=$(curl -s "$external_oidc_url/.well-known/openid-configuration" | jq -r .issuer)
+ if [ -n "${external_oidc_url##$reported_issuer}" ] ;then
+ echo "Error: The Issuer does not match the configured url"
+ exit 1
+ fi
 fi

 # source additional configuration from Konnect cfg (potentially overwrites env vars)
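Review bot: The issuer check `[ -n "${external_oidc_url##$reported_issuer}" ]` is a pattern match, not a string comparison: `$reported_issuer` is unquoted inside the expansion, so any glob characters in the value returned by the remote discovery document are interpreted by the shell and can match a URL they are not identical to. OIDC Discovery expects the reported issuer to be identical to the configured one, so compare literally with `if [ "$reported_issuer" != "$external_oidc_url" ]; then`. `curl -s` also hides transport and HTTP errors, so a failed fetch surfaces only as the generic mismatch message; `curl -sf` plus printing both values to stderr would make the failure diagnosable. The enclosing `if [ "${external_oidc_provider:-}" = "yes" ]` block starts outside the hunk, so whether `set -e` makes a `dockerize` timeout fatal cannot be confirmed from here.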