diff --git a/konnect/wrapper.sh b/konnect/wrapper.sh
index cc124cc..d00263c 100755
--- a/konnect/wrapper.sh
+++ b/konnect/wrapper.sh
@@ -98,7 +98,7 @@ if [ "${external_oidc_provider:-}" = "yes" ]; then
 	yq -y -s '.[0] + .[1]' /etc/kopano/konnectd-identifier-registration.yaml "${identifier_registration_conf:?}" | sponge "$CONFIG_JSON"
 
 	echo "Patching identifier registration for external OIDC provider"
-	echo "authorities: [{name: ${external_oidc_name:-}, default: yes, iss: ${external_oidc_url:-}, client_id: ${external_oidc_clientid:-}, client_secret: ${external_oidc_clientsecret:-}, authority_type: oidc, response_type: id_token, scopes: [openid, profile, email]}]" >> /tmp/authority.yml
+	echo "authorities: [{name: ${external_oidc_name:-}, default: yes, iss: ${external_oidc_url:-}, client_id: ${external_oidc_clientid:-}, client_secret: ${external_oidc_clientsecret:-}, authority_type: oidc, response_type: id_token, scopes: [openid, profile, email], trusted: yes, end_session_enabled: true}]" >> /tmp/authority.yml
 	yq -y -s '.[0] + .[1]' $CONFIG_JSON /tmp/authority.yml | sponge "$identifier_registration_conf"
 fi