diff --git a/auth_openidc.conf b/auth_openidc.conf
index 631ec44..63d422e 100644
--- a/auth_openidc.conf
+++ b/auth_openidc.conf
@@ -51,6 +51,7 @@ OIDCSessionCacheFallbackToCookie On
 OIDCSessionInactivityTimeout 28800
 OIDCSessionType server-cache
 OIDCCacheEncrypt On
+OIDCXForwardedHeaders X-Forwarded-Host X-Forwarded-Proto
 
 # Indicates whether POST data will be preserved across authentication requests.
 # Preservation is done via HTML 5 local storage. Note that this can lead to private