To add a custom OIDC provider to your Ory project, you can follow these steps: 1. Obtain the necessary configuration details from your OIDC provider: - Client ID - Client Secret - Issuer URL 2. Add the provider using either the Ory Console or the Ory CLI. Using the Ory Console: 1. Go to Authentication → Social Sign-In in the Ory Console. 2. Click the "Add new OpenID Connect provider" button. 3. Fill in the configuration details (Client ID, Client Secret, Issuer URL). 4. Copy the Redirect URI from the Console and add it to your OIDC provider's configuration. 5. Save the configuration. Using the Ory CLI: 1. Download your current identity configuration:

bash ory get identity-config --project <project-id> --workspace <workspace-id> --format yaml > identity-config.yaml

2. Add the provider configuration to the downloaded config file:

yaml selfservice:   methods:     oidc:       config:         providers:           - id: generic # this is `<provider-id>` in the Authorization callback URL             provider: generic             client_id: .... # Replace with your Client ID             client_secret: .... # Replace with your Client Secret             issuer_url: <https://your-provider-issuer-url.com>             mapper_url: "base64://{YOUR_BASE64_ENCODED_JSONNET_HERE}"             scope:               - email               # Add other required scopes       enabled: true

3. Update the Ory Identities configuration:

bash ory update identity-config --project <project-id> --workspace <workspace-id> --file identity-config.yaml

Remember to create a Jsonnet code snippet for data mapping and encode it with Base64 or host it under a URL accessible to Ory Network. For more detailed information, you can refer to the [Generic provider documentation](https://www.ory.sh/docs/kratos/social-signin/generic).