diff --git a/config/dev.exs b/config/dev.exs
index 7b4df11..038af99 100644
--- a/config/dev.exs
+++ b/config/dev.exs
@@ -90,6 +90,8 @@ config :mv, :secret_key_base, "ryn7D6ssmIHQFWIks2sFiTGATgwwAR1+3bN8p7fy6qVtB8qnx
 # Signing Secret for Authentication
 config :mv, :token_signing_secret, "IwUwi65TrEeExwBXXFPGm2I7889NsL"
 
-config :mv,
-       :oicd_client_secret,
-       "auhoZABKjohxhmeVCIDzMMUkBOtDQjPKiQiFQwmIogfaPPvBOeqtvnEJuTYIWcIc"
+config :mv, :rauthy,
+  client_id: "mv",
+  base_url: "http://localhost:8080/auth/v1",
+  client_secret: "GWGkEWBLRAzZruXhipQKSjeaOtwZtKdETBABHLAXVoqrhsJoXUOsIDfNVOXCQUEv",
+  redirect_uri: "http://localhost:4000/auth/user/rauthy/callback"
diff --git a/lib/accounts/user.ex b/lib/accounts/user.ex
index a7191a8..009b5a1 100644
--- a/lib/accounts/user.ex
+++ b/lib/accounts/user.ex
@@ -32,15 +32,12 @@ defmodule Mv.Accounts.User do
 
     strategies do
       oidc :rauthy do
-        client_id "mv"
-        base_url "http://localhost:8080/auth/v1"
-        redirect_uri "http://localhost:4000/auth/user/rauthy/callback"
+        client_id Mv.Secrets
+        base_url Mv.Secrets
+        redirect_uri Mv.Secrets
+        client_secret Mv.Secrets
         auth_method :client_secret_jwt
         code_verifier true
-
-        client_secret fn _, _ ->
-          Application.fetch_env(:mv, :oicd_client_secret)
-        end
       end
 
       password :password do
diff --git a/lib/mv/secrets.ex b/lib/mv/secrets.ex
new file mode 100644
index 0000000..2e397d2
--- /dev/null
+++ b/lib/mv/secrets.ex
@@ -0,0 +1,26 @@
+defmodule Mv.Secrets do
+  use AshAuthentication.Secret
+
+  def secret_for([:authentication, :strategies, :rauthy, :client_id], Mv.Accounts.User, _opts, _meth) do
+    get_config(:client_id)
+  end
+
+  def secret_for([:authentication, :strategies, :rauthy, :redirect_uri], Mv.Accounts.User, _opts, _meth) do
+    get_config(:redirect_uri)
+  end
+
+  def secret_for([:authentication, :strategies, :rauthy, :client_secret], Mv.Accounts.User, _opts, _meth) do
+    get_config(:client_secret)
+  end
+
+  def secret_for([:authentication, :strategies, :rauthy, :base_url], Mv.Accounts.User, _opts, _meth) do
+    get_config(:base_url)
+  end
+
+  defp get_config(key) do
+    :mv
+    |> Application.fetch_env!(:rauthy)
+    |> Keyword.fetch!(key)
+    |> then(&{:ok, &1})
+  end
+end