diff --git a/main.tf b/main.tf
index 1d1d515..f94aa0c 100644
--- a/main.tf
+++ b/main.tf
@@ -5,6 +5,10 @@ data "vault_generic_secret" "cloudflare" {
   path = var.vault_cloudflare_path
 }
 
+data "vault_generic_secret" "authentik" {
+  path = var.vault_authentik_path
+}
+
 # =============================================================================
 # LOCALS
 # =============================================================================
@@ -15,6 +19,9 @@ locals {
   cloudflare_account_id = data.vault_generic_secret.cloudflare.data["account_id"]
   cloudflare_email      = data.vault_generic_secret.cloudflare.data["email"]
   
+  authentik_oidc_client_id_cloudflare = data.vault_generic_secret.authentik.data["client_id_cloudflare"]
+  authentik_oidc_secret_cloudflare    = data.vault_generic_secret.authentik.data["secret_cloudflare"]
+
   # Construction des ingress rules pour toutes les applications
   ingress_rules = concat(
     [