diff --git a/flux2/apps/wekan/release.yaml b/flux2/apps/wekan/release.yaml
index 2040f95a072d539d737c7838a2669d7a4e887537..e9d65b5065c0fd002bcfcee2e5492e7a3285360f 100644
--- a/flux2/apps/wekan/release.yaml
+++ b/flux2/apps/wekan/release.yaml
@@ -48,15 +48,15 @@ spec:
       - name: "OAUTH2_TOKEN_ENDPOINT"
         value: "/oauth2/token"
       - name: "OAUTH2_REQUEST_PERMISSIONS"
-        value: "email profile openid openappstack_roles offline_access"
-      # - name: "OAUTH2_ID_MAP"
-      #   value: "preferred_username"
-      # - name: "OAUTH2_USERNAME_MAP"
-      #   value: "preferred_username"
-      # - name: "OAUTH2_FULLNAME_MAP"
-      #   value: "name"
-      # - name: "OAUTH2_EMAIL_MAP"
-      #   value: "email"
+        value: "email profile openid"
+      - name: "OAUTH2_ID_MAP"
+        value: "sub"
+      - name: "OAUTH2_USERNAME_MAP"
+        value: "preferred_username"
+      - name: "OAUTH2_FULLNAME_MAP"
+        value: "name"
+      - name: "OAUTH2_EMAIL_MAP"
+        value: "email"
     ## Specify additional secret environmental variables for the
     ## Deployment. These can e.g. be provided by a Secret and allow
     ## to store passwords separately