diff --git a/Source/ProofOfConcept/Program.cs b/Source/ProofOfConcept/Program.cs
index 180ec54..7c6d63e 100644
--- a/Source/ProofOfConcept/Program.cs
+++ b/Source/ProofOfConcept/Program.cs
@@ -41,7 +41,8 @@ builder.Services
 .AddOpenIdConnect(o =>
 {
 // Point directly at the third-party metadata
- o.MetadataAddress = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/thirdparty/.well-known/openid-configuration";
+ // Metadata is wrong... it sets non-existing uris like: "jwks_uri": "https://fleet-auth.tesla.com/oauth2/v3/discovery/thirdparty/keys"
+ //o.MetadataAddress = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/thirdparty/.well-known/openid-configuration";
 // === Use Fleet-Auth third-party OIDC config ===
 o.Authority = "https://fleet-auth.tesla.com/oauth2/v3/nts";
@@ -52,7 +53,38 @@ builder.Services
 o.Configuration.JwksUri = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/discovery/thirdparty/keys";
 o.Configuration.EndSessionEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/logout";
 o.Configuration.UserInfoEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/userinfo";
- o.ConfigurationManager = new TeslaOIDCConfigurationManager(o.MetadataAddress);
+
+ o.Configuration.TokenEndpointAuthMethodsSupported.Clear();
+ o.Configuration.TokenEndpointAuthMethodsSupported.Add("client_secret_post");
+
+ o.Configuration.ResponseModesSupported.Clear();
+ o.Configuration.ResponseModesSupported.Add("query");
+
+ o.Configuration.GrantTypesSupported.Clear();
+ o.Configuration.GrantTypesSupported.Add("authorization_code");
+
+ o.Configuration.SubjectTypesSupported.Clear();
+ o.Configuration.SubjectTypesSupported.Add("public");
+
+ o.Configuration.ScopesSupported.Clear();
+ o.Configuration.ScopesSupported.Add("openid");
+ o.Configuration.ScopesSupported.Add("email");
+ o.Configuration.ScopesSupported.Add("profile");
+ o.Configuration.ScopesSupported.Add("metadata");
+
+ o.Configuration.IdTokenSigningAlgValuesSupported.Clear();
+ o.Configuration.IdTokenSigningAlgValuesSupported.Add("RS256");
+
+ o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Clear();
+ o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Add("RS256");
+
+ o.Configuration.ClaimsSupported.Clear();
+ o.Configuration.ClaimsSupported.Add("iss");
+ o.Configuration.ClaimsSupported.Add("iat");
+ o.Configuration.ClaimsSupported.Add("exp");
+ o.Configuration.ClaimsSupported.Add("nonce");
+ o.Configuration.ClaimsSupported.Add("sub");
+ o.Configuration.ClaimsSupported.Add("aud");
 // Standard OIDC web app settings
 o.ResponseType = OpenIdConnectResponseType.Code;
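Review bot: Dropping `o.ConfigurationManager = new TeslaOIDCConfigurationManager(o.MetadataAddress);` leaves the handler with a hand-built static `o.Configuration` that advertises `JwksUri` and `RS256` but carries no signing keys, and as far as the hunk shows nothing now fetches the key set (a directly assigned `Configuration` is, per the handler's documented behaviour, used as-is and not refreshed from `MetadataAddress`, which hunk 1 comments out), so id_token signature validation would have no keys unless they are loaded elsewhere in the file. Either keep a configuration manager that retrieves the JWKS from the corrected `JwksUri` and assign it to `o.ConfigurationManager`, or populate `o.Configuration.SigningKeys` at startup from that endpoint; the fix should not be to relax token validation. The `*Supported` collections added here are discovery metadata only and do not restrict what the handler requests or accepts (that is still governed by `o.Scope`, `o.ResponseMode` and the validation parameters), so a comment such as `// Discovery metadata only — does not constrain what the handler accepts` on the first `.Clear()` would prevent readers taking these lists for hardening. In hunk 1 the `//o.MetadataAddress = ...` line should be deleted rather than left commented out, and the split between the `fleet-auth.tesla.com` authority and the `fleet-auth.prd.vn.cloud.tesla.com` endpoints deserves a comment saying which issuer value the id_token's `iss` claim is expected to match. The enclosing `AddOpenIdConnect` lambda starts before and ends after this hunk.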