diff --git a/ansible/roles/synapse/defaults/main.json b/ansible/roles/synapse/defaults/main.json
index 28ee5e3..bc84eb6 100644
--- a/ansible/roles/synapse/defaults/main.json
+++ b/ansible/roles/synapse/defaults/main.json
@@ -13,12 +13,12 @@
 "var_synapse_federation_whitelist": [],
 "var_synapse_password_strict_policy": true,
 "var_synapse_registration_shared_secret": "REPLACE_ME",
- "var_synapse_oidc_enable": false,
- "var_synapse_oidc_provider_id": "external_auth",
- "var_synapse_oidc_provider_name": "external auth",
- "var_synapse_oidc_client_id": "synapse",
- "var_synapse_oidc_client_secret": "REPLACE_ME",
- "var_synapse_oidc_issuer_url": "https://auth.example.org",
+ "var_synapse_authentication_kind": "internal",
+ "var_synapse_authentication_data_authelia_provider_id": "authelia",
+ "var_synapse_authentication_data_authelia_provider_name": "Authelia",
+ "var_synapse_authentication_data_authelia_client_id": "synapse",
+ "var_synapse_authentication_data_authelia_client_secret": "REPLACE_ME",
+ "var_synapse_authentication_data_authelia_url_base": "https://authelia.example.org",
 "var_synapse_smtp_host": "smtp.example.org",
 "var_synapse_smtp_port": 587,
 "var_synapse_smtp_username": "synapse@smtp.example.org",
diff --git a/ansible/roles/synapse/templates/homeserver.yaml.j2 b/ansible/roles/synapse/templates/homeserver.yaml.j2
index 06e7079..f5c310c 100644
--- a/ansible/roles/synapse/templates/homeserver.yaml.j2
+++ b/ansible/roles/synapse/templates/homeserver.yaml.j2
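Review bot: The new `var_synapse_authentication_kind` selector has no declared set of permitted values, and the template hunk that consumes it (homeserver.yaml.j2, next hunk) only matches the literals `'internal'` and `'authelia'` in two independent `{% if %}` blocks with no `else`; any other value, such as a capitalised `Authelia` or a typo, renders a homeserver.yaml with neither the `enable_registration` pair nor the `oidc_providers` stanza, so the registration policy becomes whatever Synapse applies by default rather than what the operator intended. A guard task at the start of the role, e.g. `ansible.builtin.assert: { that: "var_synapse_authentication_kind in ['internal', 'authelia']" }`, would turn that into a hard failure instead of a silently different configuration. Since a JSON defaults file cannot carry comments, the role documentation should state that the shipped default `"internal"` renders `enable_registration: true` and `enable_registration_without_verification: true`, i.e. open registration. The `client_secret` default `"REPLACE_ME"` is carried over unchanged, but it is now only rendered under the `authelia` kind, so a deployment that switches kinds without overriding it would hand that placeholder to the provider rather than fail early; defaulting it to an empty value the template rejects would be safer.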
@@ -91,29 +91,29 @@ recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify"
 registration_shared_secret: "{{var_synapse_registration_shared_secret}}"
 {% endif %}
-{% if var_synapse_oidc_enable %}
-enable_registration: false
-enable_registration_without_verification: false
-{% else %}
-enable_registration: true
-enable_registration_without_verification: true
-{% endif %}
-
 oidc_config:
 user_mapping_provider:
 config:
 # NOT an Ansible variable
 localpart_template: "{{"{{"}} user.preferred_username {{"}}"}}"
-{% if var_synapse_oidc_enable %}
+{% if var_synapse_authentication_kind == 'internal' %}
+enable_registration: true
+enable_registration_without_verification: true
+{% endif %}
+
+{% if var_synapse_authentication_kind == 'authelia' %}
+enable_registration: false
+enable_registration_without_verification: false
+
 oidc_providers:
- - idp_id: "{{var_synapse_oidc_provider_id}}"
- idp_name: "{{var_synapse_oidc_provider_name}}"
- # idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
+ - idp_id: "{{var_synapse_authentication_data_authelia_provider_id}}"
+ idp_name: "{{var_synapse_authentication_data_authelia_provider_name}}"
+ idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
 discover: true
- issuer: "{{var_synapse_oidc_issuer_url}}"
- client_id: "{{var_synapse_oidc_client_id}}"
- client_secret: "{{var_synapse_oidc_client_secret}}"
+ issuer: "{{var_synapse_authentication_data_authelia_url_base}}"
+ client_id: "{{var_synapse_authentication_data_authelia_client_id}}"
+ client_secret: "{{var_synapse_authentication_data_authelia_client_secret}}"
 scopes: ["openid", "profile", "email"]
 allow_existing_users: true
 user_mapping_provider: