diff --git a/.env.sample b/.env.sample
index 461d497..c9b1eae 100644
--- a/.env.sample
+++ b/.env.sample
@@ -6,8 +6,22 @@ LETS_ENCRYPT_ENV=production
 COOKIE_DOMAIN=example.com
 AUTH_HOST=auth.example.com
-OIDC_ISSUER_URL=https://id.example.com/auth/realms/yourrealm
-OIDC_CLIENT_ID=traefik-forward-auth
+SECRET_SECRET_NONCE_VERSION=v1
-SERCRET_NONCE_VERSION=v1
-OIDC_CLIENT_SECRET_VERSION=v1
+COMPOSE_FILE=compose.yml
+
+#COMPOSE_FILE=$COMPOSE_FILE:compose.oidc.yml
+#OIDC_ENABLED=1
+#OIDC_CLIENT_SECRET_VERSION=v1
+#OIDC_ISSUER_URL=https://id.example.com/auth/realms/yourrealm
+#OIDC_CLIENT_ID=traefik-forward-auth
+#SECRET_OIDC_CLIENT_SECRET_VERSION=v1
+
+#COMPOSE_FILE=$COMPOSE_FILE:compose.oauth.yml
+#OAUTH_ENABLED=1
+#OAUTH_CLIENT_SECRET_VERSION=v1
+#OAUTH_CLIENT_ID=traefik-forward-auth
+#OAUTH_USER_URL
+#OAUTH_TOKEN_URL
+#OAUTH_AUTH_URL
+#SECRET_OAUTH_CLIENT_SECRET_VERSION=v1
diff --git a/abra.sh b/abra.sh
index e23617c..0b55ded 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1 +1 @@
-export FORWARD_INI_VERSION=v1
+export FORWARD_INI_VERSION=v2
diff --git a/compose.oauth.yml b/compose.oauth.yml
new file mode 100644
index 0000000..827b1a5
--- /dev/null
+++ b/compose.oauth.yml
@@ -0,0 +1,18 @@
+---
+version: "3.8"
+
+services:
+ traefik-forward-auth:
+ environment:
+ - OAUTH_CLIENT_ID
+ - OAUTH_AUTH_URL
+ - OAUTH_TOKEN_URL
+ - OAUTH_USER_URL
+ - OAUTH_ENABLED
+ secrets:
+ - oauth_client_secret
+
+secrets:
+ oauth_client_secret:
+ name: ${STACK_NAME}_oauth_client_secret_${SECRET_OAUTH_CLIENT_SECRET_VERSION}
+ external: true
diff --git a/compose.oidc.yml b/compose.oidc.yml
new file mode 100644
index 0000000..1987672
--- /dev/null
+++ b/compose.oidc.yml
@@ -0,0 +1,16 @@
+---
+version: "3.8"
+
+services:
+ traefik-forward-auth:
+ environment:
+ - OIDC_CLIENT_ID
+ - OIDC_ISSUER_URL
+ - OIDC_ENABLED
+ secrets:
+ - oidc_client_secret
+
+secrets:
+ oidc_client_secret:
+ name: ${STACK_NAME}_oidc_client_secret_${OIDC_CLIENT_SECRET_VERSION}
+ external: true
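Review bot: The three commented OAuth entries `#OAUTH_USER_URL`, `#OAUTH_TOKEN_URL` and `#OAUTH_AUTH_URL` carry no `=`, so once an operator uncomments them they are not `KEY=VALUE` lines and the URLs will be missing from the rendered config; a placeholder such as `#OAUTH_AUTH_URL=https://id.example.com/oauth/authorize` (constructed example, same sample domain as the OIDC lines) makes the block copy-paste safe. The OIDC block also lists both `#OIDC_CLIENT_SECRET_VERSION=v1` and `#SECRET_OIDC_CLIENT_SECRET_VERSION=v1`, while `compose.oidc.yml` in this commit interpolates only the unprefixed one, so one of the pair is dead and an operator cannot tell which to bump. Whether `$COMPOSE_FILE` is expanded inside `.env` is up to the tool that reads it, which the page does not show. The hunk header announces 22 new lines but only 20 are visible here, so trailing context was likely dropped in extraction.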
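Review bot: The secret name in `compose.oidc.yml` interpolates `${OIDC_CLIENT_SECRET_VERSION}`, whereas the sibling `compose.oauth.yml` uses `${SECRET_OAUTH_CLIENT_SECRET_VERSION}` and `compose.yml` in the same commit switches to `${SECRET_SECRET_NONCE_VERSION}`; if the `SECRET_<name>_VERSION` prefix is what the deployment tooling keys on to create and rotate secrets, this one will be looked up under a version variable that nothing sets. Suggest `name: ${STACK_NAME}_oidc_client_secret_${SECRET_OIDC_CLIENT_SECRET_VERSION}` and removing the unprefixed variable from `.env.sample` so there is a single source of truth. `OIDC_ENABLED` is passed through with no value, so adding this overlay to `COMPOSE_FILE` without also setting `OIDC_ENABLED=1` renders a config with no provider; that fails closed, but a comment above `environment:` saying the flag must be set alongside the overlay would save a confusing deploy.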
diff --git a/compose.yml b/compose.yml
index c925593..a34d366 100644
--- a/compose.yml
+++ b/compose.yml
@@ -11,12 +11,9 @@ services:
 - proxy
 environment:
 - CONFIG=/etc/forward.ini
- - OIDC_CLIENT_ID=${OIDC_CLIENT_ID}
- - OIDC_ISSUER_URL=${OIDC_ISSUER_URL}
 - COOKIE_DOMAIN=${COOKIE_DOMAIN}
 - AUTH_HOST=${AUTH_HOST}
 secrets:
- - oidc_client_secret
 - secret_nonce
 deploy:
 labels:
@@ -40,8 +37,5 @@ configs:
 secrets:
 secret_nonce:
- name: ${STACK_NAME}_secret_nonce_${SERCRET_NONCE_VERSION}
- external: true
- oidc_client_secret:
- name: ${STACK_NAME}_oidc_client_secret_${OIDC_CLIENT_SECRET_VERSION}
+ name: ${STACK_NAME}_secret_nonce_${SECRET_SECRET_NONCE_VERSION}
 external: true
diff --git a/forward.ini.tmpl b/forward.ini.tmpl
index dd2a890..4ed3194 100644
--- a/forward.ini.tmpl
+++ b/forward.ini.tmpl
@@ -3,7 +3,18 @@ log-level = info
 cookie-domain = {{ env "COOKIE_DOMAIN" }}
 auth-host = {{ env "AUTH_HOST" }}
+{{ if eq (env "OIDC_ENABLED") "1" }}
 default-provider = oidc
 providers.oidc.issuer-url = {{ env "OIDC_ISSUER_URL" }}
 providers.oidc.client-id = {{ env "OIDC_CLIENT_ID" }}
 providers.oidc.client-secret = {{ secret "oidc_client_secret" }}
+{{ end }}
+
+{{ if eq (env "OAUTH_ENABLED") "1" }}
+default-provider = generic-oauth
+providers.generic-oauth.client-id = {{ env "OAUTH_CLIENT_ID" }}
+providers.generic-oauth.auth-url = {{ env "OAUTH_AUTH_URL" }}
+providers.generic-oauth.token-url = {{ env "OAUTH_TOKEN_URL" }}
+providers.generic-oauth.user-url = {{ env "OAUTH_USER_URL" }}
+providers.generic-oauth.client-secret = {{ secret "oauth_client_secret" }}
+{{ end }}
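Review bot: The two guards in `forward.ini.tmpl` are independent, so an environment with both `OIDC_ENABLED=1` and `OAUTH_ENABLED=1` renders two `default-provider` lines and which one the ini parser keeps is not visible here; the operator could end up authenticating against a provider they did not intend to make the default. Replacing the `{{ end }}`, blank line and second `{{ if ... }}` with `{{ else if eq (env "OAUTH_ENABLED") "1" }}` makes the branches mutually exclusive with OIDC taking precedence, and that precedence should be stated in a comment at the top of the template. When neither flag is `1` the rendered file has no provider at all, which presumably makes the service refuse to start rather than pass traffic through, but that fail-closed behaviour is worth confirming and documenting. The hunk header counts 18 new lines against 17 visible, so one trailing context line was probably lost in extraction.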