diff --git a/plugins/oidc/server/auth/oidc.ts b/plugins/oidc/server/auth/oidc.ts
index 55c8234ed..cda07f4f5 100644
--- a/plugins/oidc/server/auth/oidc.ts
+++ b/plugins/oidc/server/auth/oidc.ts
@@ -111,6 +111,7 @@ if (
           // Default is 'preferred_username' as per OIDC spec.
           const username = get(profile, env.OIDC_USERNAME_CLAIM);
           const name = profile.name || username || profile.username;
+          const providerId = profile.sub ? profile.sub : profile.id;
 
           if (!name) {
             throw AuthenticationError(
@@ -137,7 +138,7 @@ if (
               providerId: domain,
             },
             authentication: {
-              providerId: profile.sub,
+              providerId,
               accessToken,
               refreshToken,
               expiresIn: params.expires_in,