diff --git a/nixos/modules/services/security/oauth2_proxy.nix b/nixos/modules/services/security/oauth2_proxy.nix
index abf1ce9ba020..d2992a196bf8 100644
--- a/nixos/modules/services/security/oauth2_proxy.nix
+++ b/nixos/modules/services/security/oauth2_proxy.nix
@@ -47,6 +47,7 @@ let
     reverse-proxy = reverseProxy;
     proxy-prefix = proxyPrefix;
     profile-url = profileURL;
+    oidc-issuer-url = oidcIssuerUrl;
     redeem-url = redeemURL;
     redirect-url = redirectURL;
     request-logging = requestLogging;
@@ -131,6 +132,15 @@ in
       example = "123456.apps.googleusercontent.com";
     };
 
+    oidcIssuerUrl = mkOption {
+      type = types.nullOr types.str;
+      default = null;
+      description = ''
+        The OAuth issuer URL.
+      '';
+      example = "https://login.microsoftonline.com/{TENANT_ID}/v2.0";
+    };
+
     clientSecret = mkOption {
       type = types.nullOr types.str;
       description = ''