diff --git a/.env.sample b/.env.sample
index bfd76f4..536afd5 100644
--- a/.env.sample
+++ b/.env.sample
@@ -21,6 +21,7 @@ SECRET_RUNNER_TOKEN_VERSION=v1
 SSO=false
 ## Authentik Configuration
 # SSO=true
-# SSO_PROVIDER_URL="https://authentik.mydomain.com/application/o/gitlab/"
 # ORG_NAME="My Organization"
+# SSO_PROVIDER_URL="https://authentik.mydomain.com/application/o/gitlab/"
+# SSO_PROVIDER_ID="your authentik Client ID"
 # SECRET_SSO_PROVIDER_SECRET_VERSION=v1
diff --git a/gitlab.rb.tmpl b/gitlab.rb.tmpl
index 607540b..e51b7dd 100644
--- a/gitlab.rb.tmpl
+++ b/gitlab.rb.tmpl
@@ -579,7 +579,7 @@ gitlab_rails['omniauth_providers'] = [
       "client_auth_method" => "query",
       "send_scope_to_token_endpoint" => "false",
       "client_options" => {
-        "identifier" => "gitlab",
+        "identifier" => "{{ env "SSO_PROVIDER_ID" }}",
         "secret" => "{{ secret "sso_provider_secret" }}",
         "redirect_uri" => "https://{{ env "DOMAIN" }}/users/auth/openid_connect/callback"
       }