diff --git a/README.md b/README.md
index 852bdc2..77b9f09 100644
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@ a CalDAV/CardDAV server
 - adequately fast (I'd say blazingly fastâ„¢ :fire: if I did the benchmarks to back that claim up)
 - deleted calendars are recoverable
 - Nextcloud login flow (In DAVx5 you can login through the Nextcloud flow and automatically generate an app token)
-- experimental OpenID Connect support (with option to disable password login)
+- OpenID Connect support (with option to disable password login)
 ## Installation
@@ -137,6 +137,8 @@ client_id = "rustical"
 client_secret = "secret"
 scopes = ["openid", "profile"]
 allow_sign_up = false
+# claim_userid = "sub" or "preferred_username"
+# require_group = "app/rustical"
 ```
 On the IdP side you have to create a client with the redirect uri `/frontend/login/oidc/callback` (subject to change).
diff --git a/crates/frontend/src/config.rs b/crates/frontend/src/config.rs
index 6d0d22e..e7e813a 100644
--- a/crates/frontend/src/config.rs
+++ b/crates/frontend/src/config.rs
@@ -26,7 +26,7 @@ pub struct OidcConfig {
 pub allow_sign_up: bool,
 pub require_group: Option,
 #[serde(default)]
- pub userid_claim: UserIdClaim,
+ pub claim_userid: UserIdClaim,
 }
 #[derive(Deserialize, Serialize, Clone)]
diff --git a/crates/frontend/src/oidc/mod.rs b/crates/frontend/src/oidc/mod.rs
index 259ca26..9d8f8aa 100644
--- a/crates/frontend/src/oidc/mod.rs
+++ b/crates/frontend/src/oidc/mod.rs
@@ -197,7 +197,7 @@ pub async fn route_get_oidc_callback(
 }
 }
- let user_id = match oidc_config.userid_claim {
+ let user_id = match oidc_config.claim_userid {
 UserIdClaim::Sub => user_info_claims.subject().to_string(),
 UserIdClaim::PreferredUsername => user_info_claims
 .preferred_username()
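Review bot: In crates/frontend/src/config.rs the renamed field `claim_userid` keeps `#[serde(default)]`, so a deployment whose config still sets `userid_claim` would, unless the struct denies unknown fields (not visible in this hunk), load without error and fall back to the default `UserIdClaim`. Because this value decides which claim becomes the local user id (the `match oidc_config.claim_userid` in crates/frontend/src/oidc/mod.rs), a silent fallback could map existing OIDC users to different principals after an upgrade. Accepting the old key keeps those installs stable: `#[serde(default, alias = "userid_claim")]`. The `OidcConfig` struct starts above the hunk, so its container attributes should be checked before relying on this.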