diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 348e902..39c25ad 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -31,6 +31,7 @@ security:
 oidc:
 login_path: '/login/oidc'
 check_path: '/login/oidc/auth'
+ enable_end_session_listener: true
 entry_point: form_login
 # activate different ways to authenticate
diff --git a/config/security.yaml b/config/security.yaml
deleted file mode 100644
index fa73fda..0000000
--- a/config/security.yaml
+++ /dev/null
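Review bot: `enable_end_session_listener: true` is added with no comment and its effect is not visible in this hunk; as I understand the bundle option, it registers a logout listener that sends the browser to the provider's end-session endpoint, which only does anything if the `main` firewall still has a `logout:` section — that section is not shown here, and the only `logout:` block in this commit is in the config/security.yaml that is being deleted. I'd add `# On logout, also end the session at the OIDC provider (RP-initiated logout)` above the new line and confirm the firewall's `logout:` config lives in this file.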
@@ -1,61 +0,0 @@
-security:
- # https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
- password_hashers:
- Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
- # https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
- providers:
- users_in_memory: { memory: null }
- app_local:
- entity:
- class: App\User\Framework\Entity\User
- property: email
-
- app_ldap:
- id: App\User\Framework\Security\LdapUserProvider
-
- firewalls:
- dev:
- pattern: ^/(_(profiler|wdt)|css|images|js)/
- security: false
- main:
- lazy: true
- provider: app_ldap
- entry_point: form_login_ldap
- form_login_ldap:
- login_path: app_login
- check_path: app_login
- enable_csrf: true
- service: Symfony\Component\Ldap\Ldap
- dn_string: '%env(LDAP_DN_STRING)%'
- form_login:
- login_path: app_login
- check_path: app_login
- enable_csrf: true
- logout:
- path: app_logout
-
- # activate different ways to authenticate
- # https://symfony.com/doc/current/security.html#the-firewall
-
- # https://symfony.com/doc/current/security/impersonating_user.html
- # switch_user: true
-
- # Easy way to control access for large sections of your site
- # Note: Only the *first* access control that matches will be used
- access_control:
- - { path: ^/reset-password, roles: PUBLIC_ACCESS }
- - { path: ^/login, roles: PUBLIC_ACCESS }
- - { path: ^/, roles: ROLE_USER } # Or ROLE_ADMIN, ROLE_SUPER_ADMIN,
-
-when@test:
- security:
- password_hashers:
- # By default, password hashers are resource intensive and take time. This is
- # important to generate secure password hashes. In tests however, secure hashes
- # are not important, waste resources and increase test times. The following
- # reduces the work factor to the lowest possible values.
- Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
- algorithm: auto
- cost: 4 # Lowest possible value for bcrypt
- time_cost: 3 # Lowest possible value for argon
- memory_cost: 10 # Lowest possible value for argon
diff --git a/src/User/Framework/Controller/Web/LoginOidcController.php b/src/User/Framework/Controller/Web/LoginOidcController.php
index fa58a82..9e5d089 100644
--- a/src/User/Framework/Controller/Web/LoginOidcController.php
+++ b/src/User/Framework/Controller/Web/LoginOidcController.php
@@ -25,7 +25,7 @@ class LoginOidcController extends AbstractController
 }
 // Redirect to authorization @ OIDC provider
- return $oidcClient->generateAuthorizationRedirect();
+ return $oidcClient->generateAuthorizationRedirect(scopes: ['openid', 'profile']);
 }
 #[Route('/login/oidc/auth', name: 'app_login_oidc_auth')]
diff --git a/src/User/Framework/Security/OidcUserProvider.php b/src/User/Framework/Security/OidcUserProvider.php
index b46557b..f85ea7d 100644
--- a/src/User/Framework/Security/OidcUserProvider.php
+++ b/src/User/Framework/Security/OidcUserProvider.php
@@ -8,6 +8,7 @@ use Drenso\OidcBundle\Exception\OidcException;
 use Drenso\OidcBundle\Model\OidcTokens;
 use Drenso\OidcBundle\Model\OidcUserData;
 use Drenso\OidcBundle\Security\UserProvider\OidcUserProviderInterface;
+use Symfony\Component\PasswordHasher\PasswordHasherInterface;
 use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
 use Symfony\Component\Security\Core\Exception\UserNotFoundException;
 use Symfony\Component\Security\Core\User\OidcUser;
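Review bot: The added `scopes: ['openid', 'profile']` does not request the `email` scope, so with a provider that follows the standard scope-to-claim mapping the `email` claim is not released and `OidcUserData::getEmail()` comes back empty; that is presumably why OidcUserProvider.php in this same commit falls back to `sub` for the email column. If the address is meant to be the user's identifier, request it explicitly: `return $oidcClient->generateAuthorizationRedirect(scopes: ['openid', 'profile', 'email']);`. If leaving it out is deliberate, a one-line comment above the return saying why would save the next reader the same question. The enclosing controller action starts before this hunk.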
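Review bot: `use Symfony\Component\PasswordHasher\PasswordHasherInterface;` is added, but nothing in this file's visible hunks references it — the only password-related change further down stores a literal `'n/a'` — so it reads as a leftover from an abandoned hashing approach. Unless it is used in a part of the file outside this diff, drop the import.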
@@ -25,8 +26,9 @@ class OidcUserProvider implements OidcUserProviderInterface
 if (null === $user) {
 $user = new User()
- ->setEmail($userData->getEmail())
- ->setName($userData->getFullName())
+ ->setEmail(!empty($userData->getEmail()) ? $userData->getEmail() : $userData->getSub())
+ ->setName(!empty($userData->getFullName()) ? $userData->getFullName() : $userData->getGivenName())
+ ->setPassword('n/a')
 ;
 $this->userRepository->getEntityManager()->persist($user);
 $this->userRepository->getEntityManager()->flush();
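Review bot: `->setPassword('n/a')` writes the same fixed, non-hash sentinel into the password column of every OIDC-provisioned user; the form and LDAP login paths that share this `User` entity (the `entry_point: form_login` in config/packages/security.yaml) will treat that value as a stored credential, and whether a hasher could ever accept it depends on the `password_hashers` configuration, which this diff no longer shows. Safer is to leave the password unset (nullable column, with a comment such as `// OIDC-only account: no usable local password`) or, if the column must be non-null, store a hash of a random secret rather than a constant. The email fallback `!empty($userData->getEmail()) ? ... : $userData->getSub()` puts the provider's `sub` into the email field, so any email-based lookup (the deleted config used `property: email` for the entity provider) and any uniqueness constraint on that column must tolerate non-email values, and `empty()` also treats the string `'0'` as empty. `getGivenName()` can itself be empty, so the name column may still end up blank. The enclosing method starts before this hunk, and the header's old-line count suggests one context line, probably blank, is not shown.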