...
The Integration of service with OIDC requires the service provider to submit a list of the services OIDC redirect_uri -addresses to the MPASSid-operator. By default, services are expected to use the authorization code flow and the client_secret_basic -method when authenticating to the OIDC token endpoint, but other standard methods are also supported. This information (for example public key information, when private_key_jwt -method is being used) is submitted to the operator. In return, MPASSid-operator will send the client_id -value, and other attributes required by the chosen profile, such as the client_secret. Information is sent to the MPASSid support by email at mpass@oph.fi .
...