diff --git a/roles/waiverdb/defaults/main.yml b/roles/waiverdb/defaults/main.yml
index 3aa22bebce..21c008102c 100644
--- a/roles/waiverdb/defaults/main.yml
+++ b/roles/waiverdb/defaults/main.yml
@@ -5,4 +5,4 @@ waiverdb_oidc_token_uri: 'https://iddev.fedorainfracloud.org/openidc/Token'
 waiverdb_oidc_client_id: 'D-eb5668aa-f962-4d9e-8131-4ef6d7840436'
 waiverdb_oidc_client_secret: 'QctUSOfqot6-XQd7YG0DeIAI81wlc7oD'
 waiverdb_oidc_token_introspection_uri: 'https://iddev.fedorainfracloud.org/openidc/TokenInfo'
-waiverdb_oidc_userinfo_uri: 'https://iddev.fedorainfracloud.org/openidc/UserInfo"'
+waiverdb_oidc_userinfo_uri: 'https://iddev.fedorainfracloud.org/openidc/UserInfo'
diff --git a/roles/waiverdb/tasks/main.yml b/roles/waiverdb/tasks/main.yml
index 7eac99c15d..7de38017b5 100644
--- a/roles/waiverdb/tasks/main.yml
+++ b/roles/waiverdb/tasks/main.yml
@@ -1,6 +1,10 @@
 ---
 - include: psql_setup.yml
 
+# Need to set selinux to permissive for now due to https://bugzilla.redhat.com/show_bug.cgi?id=1291940
+- name: switch selinux to permissive
+ selinux: policy=targeted state=permissive
+
 - name: install needed packages (yum)
 yum: pkg={{ item }} state=present
 with_items:
diff --git a/roles/waiverdb/templates/etc/waiverdb/settings.py.j2 b/roles/waiverdb/templates/etc/waiverdb/settings.py.j2
index d54c53b8e9..154b494e45 100644
--- a/roles/waiverdb/templates/etc/waiverdb/settings.py.j2
+++ b/roles/waiverdb/templates/etc/waiverdb/settings.py.j2
@@ -5,4 +5,7 @@ SECRET_KEY = '{{ stg_waiverdb_secret_key }}'
 {% else %}
 SECRET_KEY = '{{ dev_waiverdb_secret_key }}'
 {% endif %}
-SQLALCHEMY_DATABASE_URI = 'postgresql://waiverdb-user@:{{ waiverdb_db_port }}/waiverdb
+SQLALCHEMY_DATABASE_URI = 'postgresql://waiverdb-user@:{{ waiverdb_db_port }}/waiverdb'
+OIDC_CLIENT_SECRETS = '/etc/waiverdb/client_secrets.json'
+OIDC_REQUIRED_SCOPE = 'https://waiverdb.fedoraproject.org/oidc/create-waiver'
+OIDC_RESOURCE_SERVER_ONLY = True
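Review bot: The `waiverdb_oidc_client_secret` context line in roles/waiverdb/defaults/main.yml still carries a literal OIDC client secret in role defaults, and this quote fix on `waiverdb_oidc_userinfo_uri` leaves it in place. Even though the endpoints point at the dev identity provider, anyone with read access to the repository can use the secret together with the client id on the line above it. The settings template in this commit already reads `stg_waiverdb_secret_key` and `dev_waiverdb_secret_key` from variables, presumably held outside the public tree, so the default could do the same, for example `waiverdb_oidc_client_secret: '{{ dev_waiverdb_oidc_client_secret }}'` (variable name is a placeholder). The current value should be rotated at the provider, since it remains in history.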
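Review bot: The added task `selinux: policy=targeted state=permissive` turns off enforcement for the whole host on every run, and nothing in the hunk limits it to the environment or domain affected by the referenced bug. If the denials come from a single domain, the `selinux_permissive` module for that domain (placeholder arguments: `domain=<affected_domain> permissive=true`) would leave the rest of the policy enforcing. Otherwise, guard the task with a `when:` on the environment and extend the comment to say what removes it, e.g. `# TODO: return to enforcing once bug 1291940 is fixed`. Permissive mode still logs AVC denials, so the audit log can confirm when the workaround is no longer needed. The task list continues outside the hunk.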
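Review bot: `OIDC_CLIENT_SECRETS = '/etc/waiverdb/client_secrets.json'` names a file that nothing visible in this commit creates, so its ownership and mode are left to whatever installs it. That file holds the OIDC client secret, and this rendered settings file holds `SECRET_KEY`, so both should be readable only by the service account; the template tasks could say so explicitly, for example `owner=root group=<waiverdb service group> mode=0640` (group is a placeholder). The secrets are also interpolated into single-quoted Python literals, so a value containing `'` would break the file; if these values are not guaranteed quote-free, a filter that emits a quoted literal would be safer. The template starts before the hunk, so earlier settings are not covered here.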