diff --git a/app/Http/Controllers/Api/OauthMetadataController.php b/app/Http/Controllers/Api/OauthMetadataController.php
index 0e75d5f..d90253d 100644
--- a/app/Http/Controllers/Api/OauthMetadataController.php
+++ b/app/Http/Controllers/Api/OauthMetadataController.php
@@ -42,6 +42,32 @@ class OauthMetadataController extends Controller
         ]);
     }
 
+    #[Apidoc\Title('OIDC Discovery 2'), Apidoc\Method('GET'), Apidoc\Url('/well-known/openid-configuration')]
+    public function openidConfiguration2(): JsonResponse
+    {
+        $scopes = OauthScope::query()
+            ->where('is_active', true)
+            ->orderBy('name')
+            ->pluck('name')
+            ->values()
+            ->all();
+
+        return response()->json([
+            'issuer' => (string) config('oauth.issuer'),
+            'authorization_endpoint' => URL::to('/oauth/authorize'),
+            'token_endpoint' => URL::to('/oauth/token'),
+            'userinfo_endpoint' => URL::to('/oauth/userinfo'),
+            'jwks_uri' => URL::to('/oauth/jwks'),
+            'response_types_supported' => ['code'],
+            'subject_types_supported' => ['public'],
+            'id_token_signing_alg_values_supported' => ['RS256'],
+            'scopes_supported' => $scopes,
+            'token_endpoint_auth_methods_supported' => ['client_secret_basic', 'client_secret_post'],
+            'grant_types_supported' => ['authorization_code', 'refresh_token'],
+            'claims_supported' => ['iss', 'sub', 'aud', 'exp', 'iat', 'auth_time', 'nonce', 'at_hash', 'nickname', 'email', 'phone'],
+        ]);
+    }
+
     #[Apidoc\Title('JWKS'), Apidoc\Method('GET'), Apidoc\Url('/oauth/jwks')]
     public function jwks(): JsonResponse
     {