diff --git a/ansible/templates/alertad.conf b/ansible/templates/alertad.conf
index b16ba43..01fb1eb 100644
--- a/ansible/templates/alertad.conf
+++ b/ansible/templates/alertad.conf
@@ -9,7 +9,9 @@ AUTH_PROVIDER = 'keycloak'
 
 KEYCLOAK_URL = "{{ keycloak_url }}"
 KEYCLOAK_REALM = "{{ keycloak_realm }}"
-ALLOWED_KEYCLOAK_ROLES = "{{ keycloak_roles }}"
+ALLOWED_KEYCLOAK_ROLES = ["{{ keycloak_role }}"]
+OAUTH2_CLIENT_ID = "{{ oauth_client_id }}"
+OAUTH2_CLIENT_SECRET = "{{ oauth_client_secret }}"
 
 SEVERITY_MAP = {
     'fatal': 0,
diff --git a/ansible/vars/all.yml b/ansible/vars/all.yml
index c2001a1..4b1cd61 100644
--- a/ansible/vars/all.yml
+++ b/ansible/vars/all.yml
@@ -4,6 +4,6 @@ db_name: "alerta"
 db_user: "postgres"
 domain: "alerta.autonomic.zone"
 http_port: "8080"
-keycloak_realm: "Autonomic"
-keycloak_roles: "Worker-Owner"
+keycloak_realm: "autonomic"
+keycloak_role: "worker-owner"
 keycloak_url: "https://id.autonomic.zone"
diff --git a/ansible/vars/oauth_client_id.yml b/ansible/vars/oauth_client_id.yml
new file mode 100644
index 0000000..6b98ec5
--- /dev/null
+++ b/ansible/vars/oauth_client_id.yml
@@ -0,0 +1,8 @@
+---
+oauth_client_id: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  39306264623166643338363663373230373263613139316532343061373434336565393766353566
+  3766306664323930366335323936336661346631643835320a653161303439306639376534373530
+  66366230353338306464623336363539393064366136346133653163653835333938323137613965
+  6261643035373035340a616166636636333730663632356533636561313530613466373635376239
+  64623336383365386164393234643463666434613935623164363138653731333766
diff --git a/ansible/vars/oauth_client_secret.yml b/ansible/vars/oauth_client_secret.yml
new file mode 100644
index 0000000..23666d3
--- /dev/null
+++ b/ansible/vars/oauth_client_secret.yml
@@ -0,0 +1,9 @@
+---
+oauth_client_secret: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  66376130626633383864663931383235346236613964343930303962633032626339646264643566
+  3538393033383630633062323631306563383634643366610a343432633265303137626238393739
+  38323230646566623563653037336636636635333435653162373539333036353261333366666466
+  3861626564313636350a373938613136336233386437613833383333383565333933303938343766
+  63663730316431363133393332306562653164343337303334663933616337343964623033666432
+  3665653337373731616231363465383865313136393036393634