diff --git a/roles/openshift-apps/waiverdb/templates/secret.yml b/roles/openshift-apps/waiverdb/templates/secret.yml
index f85cd27b96..bbddb92cec 100644
--- a/roles/openshift-apps/waiverdb/templates/secret.yml
+++ b/roles/openshift-apps/waiverdb/templates/secret.yml
@@ -8,27 +8,20 @@ stringData:
 {% if env == 'staging' %}
   flask-secret-key: "{{stg_waiverdb_secret_key}}"
   database-password: "{{stg_waiverdb_db_password}}"
-  # This is the same non-secret config we have committed
-  # as conf/client_secrets.json for using in dev environments.
-  client_secrets.json: |-
-    {"web": {
-      "redirect_uris": ["https://waiverdb-waiverdb.app.os.stg.fedoraproject.org/"],
-      "token_uri": "https://iddev.fedorainfracloud.org/openidc/Token",
-      "auth_uri": "https://iddev.fedorainfracloud.org/openidc/Authorization",
-      "client_id": "D-e69a1ac7-30fa-4d18-9001-7468c4f34c3c",
-      "client_secret": "qgz8Bzjg6nO7JWCXoB0o8L49KfI5atLF",
-      "userinfo_uri": "https://iddev.fedorainfracloud.org/openidc/UserInfo",
-      "token_introspection_uri": "https://iddev.fedorainfracloud.org/openidc/TokenInfo"}}
 {% else %}
   flask-secret-key: "{{prod_waiverdb_secret_key}}"
   database-password: "{{prod_waiverdb_db_password}}"
+{% endif %}
   client_secrets.json: |-
     {"web": {
       "redirect_uris": ["https://waiverdb-waiverdb.app.os.fedoraproject.org/"],
       "token_uri": "https://id{{ env_suffix }}.fedoraproject.org/openidc/Token",
       "auth_uri": "https://id{{ env_suffix }}.fedoraproject.org/openidc/Authorization",
       "client_id": "waiverdb",
+{% if env == 'staging' %}
+      "client_secret": "{{ stg_waiverdb_oidc_secret }}",
+{% else %}
       "client_secret": "{{ prod_waiverdb_oidc_secret }}",
+{% endif %}
       "userinfo_uri": "https://id{{ env_suffix }}.fedoraproject.org/openidc/UserInfo",
       "token_introspection_uri": "https://id{{ env_suffix }}.fedoraproject.org/openidc/TokenInfo"}}
-{% endif %}