diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a431a4befc8cd1a95eb306c9a0055bc9f1bf56a0..3a8dc082f2b30711a4350e64c84497bad25caccc 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -90,7 +90,6 @@ tests:
     NOMAD_RABBITMQ_HOST: rabbitmq
     NOMAD_ELASTIC_HOST: elastic
     NOMAD_MONGO_HOST: mongo
-    NOMAD_KEYCLOAK_CLIENT_SECRET: ${CI_KEYCLOAK_TEST_CLIENT_SECRET}
     NOMAD_KEYCLOAK_PASSWORD: ${CI_KEYCLOAK_ADMIN_PASSWORD}
     NOMAD_SPRINGER_DB_PATH: /nomad/fairdi/db/data/springer.db
   script:
diff --git a/gui/src/components/EditUserMetadataDialog.js b/gui/src/components/EditUserMetadataDialog.js
index e410504196e5537c2505806ffaedd5747402b9ed..fdad8f1964437d95d112656b625d6c3565cdcdba 100644
--- a/gui/src/components/EditUserMetadataDialog.js
+++ b/gui/src/components/EditUserMetadataDialog.js
@@ -730,7 +730,8 @@ class EditUserMetadataDialogUnstyled extends React.Component {
     user: PropTypes.object,
     onEditComplete: PropTypes.func,
     disabled: PropTypes.bool,
-    title: PropTypes.string
+    title: PropTypes.string,
+    info: PropTypes.object
   }
 
   static styles = theme => ({
@@ -1055,7 +1056,7 @@ class EditUserMetadataDialogUnstyled extends React.Component {
   }
 
   renderDialogActions(submitting, submitEnabled) {
-    const {classes} = this.props
+    const {classes, info} = this.props
 
     if (submitting) {
       return <DialogActions>
@@ -1070,7 +1071,7 @@ class EditUserMetadataDialogUnstyled extends React.Component {
       </DialogActions>
     } else {
       return <DialogActions>
-        <InviteUserDialog />
+        {info && !info.oasis && <InviteUserDialog />}
         <span style={{flexGrow: 1}} />
         <Button onClick={this.handleClose} disabled={submitting}>
           Cancel
diff --git a/nomad/app/api/auth.py b/nomad/app/api/auth.py
index 354a88a674b980c3eccf02397b3c65f21fa21764..0ba9876d9a96b49c665259e4141ff8b8a30ef16a 100644
--- a/nomad/app/api/auth.py
+++ b/nomad/app/api/auth.py
@@ -249,6 +249,9 @@ class UsersResource(Resource):
     @api.expect(user_model, validate=True)
     def put(self):
         """ Invite a new user. """
+        if config.keycloak.oasis:
+            abort(400, 'User invide does not work this NOMAD OASIS')
+
         json_data = request.get_json()
         try:
             user = datamodel.User.m_from_dict(json_data)
diff --git a/nomad/app/api/info.py b/nomad/app/api/info.py
index b284ea9193d166860d7bec331b66a2c3de9692f6..2d16bcb137a70c5ad180c82ce56d23c6db8e05a4 100644
--- a/nomad/app/api/info.py
+++ b/nomad/app/api/info.py
@@ -59,7 +59,8 @@ info_model = api.model('Info', {
     'domain': fields.Nested(model=domain_model),
     'version': fields.String,
     'release': fields.String,
-    'git': fields.Nested(model=git_info_model)
+    'git': fields.Nested(model=git_info_model),
+    'oasis': fields.Boolean
 })
 
 
@@ -95,5 +96,6 @@ class InfoResource(Resource):
                 'version': gitinfo.version,
                 'commit': gitinfo.commit,
                 'log': gitinfo.log
-            }
+            },
+            'oasis': config.keycloak.oasis
         }, 200
diff --git a/nomad/cli/client/client.py b/nomad/cli/client/client.py
index 9dc8eb7c4247e0310e756a4faec19602b1364291..662cb31356fc13066e7d7369589c50eeb35ff9ab 100644
--- a/nomad/cli/client/client.py
+++ b/nomad/cli/client/client.py
@@ -83,9 +83,9 @@ def __create_client(
                 host=host,
                 user=user,
                 password=password,
-                server_url=nomad_config.keycloak.server_external_url,
+                server_url=nomad_config.keycloak.server_url,
                 realm_name=nomad_config.keycloak.realm_name,
-                client_id=nomad_config.keycloak.public_client_id)
+                client_id=nomad_config.keycloak.client_id)
         else:
             http_client.set_basic_auth(
                 host=host,
diff --git a/nomad/config.py b/nomad/config.py
index ecc4f25ce035599db12cd40c4d6b30636bb517e7..e266b43e1c3b810d7cf21880f9c7b1da1c5700d2 100644
--- a/nomad/config.py
+++ b/nomad/config.py
@@ -37,6 +37,7 @@ import os
 import os.path
 import yaml
 import warnings
+import sys
 
 from nomad import gitinfo
 
@@ -112,14 +113,13 @@ elastic = NomadConfig(
 )
 
 keycloak = NomadConfig(
-    server_external_url='https://repository.nomad-coe.eu/fairdi/keycloak/auth/',
     server_url='https://repository.nomad-coe.eu/fairdi/keycloak/auth/',
     realm_name='fairdi_nomad_test',
     username='admin',
     password='password',
-    client_id='nomad_api_dev',
-    client_secret='**********',
-    public_client_id='nomad_public')
+    client_id='nomad_public',
+    client_secret=None,
+    oasis=False)
 
 mongo = NomadConfig(
     host='localhost',
@@ -308,8 +308,8 @@ def load_config(config_file: str = os.environ.get('NOMAD_CONFIG', 'nomad.yaml'))
         config_file: Override the configfile, default is file stored in env variable
             NOMAD_CONFIG or ``nomad.yaml``.
     """
-    # load yaml and override defaults
-    if os.path.exists(config_file):
+    # load yaml and override defaults (only when not in test)
+    if os.path.exists(config_file) and 'pytest' not in sys.modules:
         with open(config_file, 'r') as stream:
             try:
                 config_data = yaml.load(stream, Loader=getattr(yaml, 'FullLoader'))
diff --git a/nomad/infrastructure.py b/nomad/infrastructure.py
index 76e20299893cef4580d257f0412df394ab5f4f0a..84da75147b87b5309d6558aff2ff6f111902ab74 100644
--- a/nomad/infrastructure.py
+++ b/nomad/infrastructure.py
@@ -124,7 +124,7 @@ class Keycloak():
     def _oidc_client(self):
         if self.__oidc_client is None:
             self.__oidc_client = KeycloakOpenID(
-                server_url=config.keycloak.server_external_url,
+                server_url=config.keycloak.server_url,
                 client_id=config.keycloak.client_id,
                 realm_name=config.keycloak.realm_name,
                 client_secret_key=config.keycloak.client_secret)
@@ -188,7 +188,7 @@ class Keycloak():
                     options = dict(verify_aud=False, verify_exp=True, verify_iss=True)
                     payload = jwt.decode(
                         g.oidc_access_token, key=key, algorithms=['RS256'], options=options,
-                        issuer='%s/realms/%s' % (config.keycloak.server_external_url.rstrip('/'), config.keycloak.realm_name))
+                        issuer='%s/realms/%s' % (config.keycloak.server_url.rstrip('/'), config.keycloak.realm_name))
 
             except jwt.InvalidTokenError as e:
                 auth_error = str(e)
@@ -375,7 +375,7 @@ class Keycloak():
                 server_url=config.keycloak.server_url,
                 username=config.keycloak.username,
                 password=config.keycloak.password,
-                realm_name='master',
+                realm_name=config.keycloak.realm_name,
                 verify=True)
             self.__admin_client.realm_name = config.keycloak.realm_name
 
diff --git a/ops/helm/nomad/templates/nomad-configmap.yml b/ops/helm/nomad/templates/nomad-configmap.yml
index 6b2c0842f81a407f1be10d33dc362ded4955c2fa..a0495d333b0aeb4252d77b868b3c85b3a03fe17e 100644
--- a/ops/helm/nomad/templates/nomad-configmap.yml
+++ b/ops/helm/nomad/templates/nomad-configmap.yml
@@ -55,7 +55,6 @@ data:
       routing: "{{ .Values.worker.routing }}"
       timeout: 7200
     keycloak:
-      server_external_url: "{{ .Values.keycloak.serverExternalUrl }}"
       server_url: "{{ .Values.keycloak.serverUrl }}"
       realm_name: "{{ .Values.keycloak.realmName }}"
       username: "{{ .Values.keycloak.username }}"
diff --git a/ops/helm/nomad/values.yaml b/ops/helm/nomad/values.yaml
index 661bbe2b1f259fa39f43ffaf0cc81c1bba55b0ba..595acec64a95e3189a6facf280ac637f57183f77 100644
--- a/ops/helm/nomad/values.yaml
+++ b/ops/helm/nomad/values.yaml
@@ -136,8 +136,8 @@ keycloak:
   serverUrl: "https://repository.nomad-coe.eu/fairdi/keycloak/auth/"
   realmName: "fairdi_nomad_test"
   username: "admin"
-  clientId: "nomad_api_dev"
-  guiClientId: "nomad_gui_dev"
+  clientId: "nomad_public"
+  guiClientId: "nomad_public"
   admin_user_id: "00000000-0000-0000-0000-000000000000"
 
 ## Everything concerning the data that is used by the service