diff --git a/inventory/group_vars/resultsdb-dev b/inventory/group_vars/resultsdb-dev
index ce246078ae..179aed526a 100644
--- a/inventory/group_vars/resultsdb-dev
+++ b/inventory/group_vars/resultsdb-dev
@@ -54,6 +54,7 @@ execdb_secret_key: "{{ dev_execdb_secret_key }}"
 ############################################################
 # vault details
 ############################################################
+vault_public_url: "https://taskotron-dev.fedoraproject.org/vault"
 vault_db_host_machine: db-qa01.qa.fedoraproject.org
 vault_db_host: "{{ vault_db_host_machine }}"
 vault_db_port: 5432
diff --git a/roles/taskotron/vault/tasks/main.yml b/roles/taskotron/vault/tasks/main.yml
index c5a95ea412..b0e4ed6974 100644
--- a/roles/taskotron/vault/tasks/main.yml
+++ b/roles/taskotron/vault/tasks/main.yml
@@ -35,6 +35,14 @@
 - name: ensure selinux lets httpd talk to postgres
   seboolean: name=httpd_can_network_connect_db persistent=yes state=yes
 
+- name: register with iddev
+  command: python /usr/lib/python2.7/site-packages/flask_oidc/registration_util.py https://iddev.fedorainfracloud.org {{ vault_public_url }}
+  args:
+    chdir: /etc/vault
+    creates: /etc/vault/client_secrets.json
+  notify:
+    - reload httpd
+
 - name: generate vault config
   template: src=settings.py.j2 dest=/etc/vault/settings.py owner=root group=root mode=0644
   notify:
diff --git a/roles/taskotron/vault/templates/settings.py.j2 b/roles/taskotron/vault/templates/settings.py.j2
index 845d4f6bb3..47c99eee6e 100644
--- a/roles/taskotron/vault/templates/settings.py.j2
+++ b/roles/taskotron/vault/templates/settings.py.j2
@@ -7,3 +7,8 @@ SYSLOG_LOGGING = False
 STREAM_LOGGING = True
 MASTERKEY = '{{vault_masterkey}}'
 
+
+OIDC_CLIENT_SECRETS = '/etc/vault/client_secrets.json'
+OIDC_ID_TOKEN_COOKIE_SECURE = True
+OVERWRITE_REDIRECT_URI = '{{vault_public_url}}/oidc_callback'
+OIDC_SCOPES = ['openid', 'email', 'profile', 'https://id.fedoraproject.org/scope/groups', 'https://id.fedoraproject.org/scope/cla', ]
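Review bot: The `register with iddev` task leaves /etc/vault/client_secrets.json with whatever ownership and mode registration_util.py and the process umask happen to produce, and that file holds the OIDC client credential this application presents to the identity provider; nothing in the task restricts who can read it. A follow-up task in the same play would pin it, e.g. `- name: restrict OIDC client secrets` / `file: path=/etc/vault/client_secrets.json owner=root group=<httpd group placeholder> mode=0640`. The `creates:` guard also means a partially written file from a failed registration blocks re-registration on the next run, so a failed run needs that file removed by hand; a comment saying so would save the next operator some time. The hard-coded /usr/lib/python2.7/site-packages path ties the task to one interpreter layout; `python -m flask_oidc.registration_util ...` would be less brittle, assuming the module is importable under that name, which I cannot confirm from the diff.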
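Review bot: OVERWRITE_REDIRECT_URI is built as `{{vault_public_url}}/oidc_callback`, while the registration task in roles/taskotron/vault/tasks/main.yml passes only the bare vault_public_url to registration_util.py; whether the redirect URI recorded at the provider ends in /oidc_callback depends on that utility, and a mismatch is rejected by the provider at login, so the two should be checked against each other. A comment tying them together would help, e.g. `# client_secrets.json is written by the 'register with iddev' task; the redirect URI below must match what that registration recorded`. The trailing `, ]` in OIDC_SCOPES is an unusual spelling; closing `]` directly after the last element, or one scope per line, reads more cleanly.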