diff --git a/.envrc.example b/.envrc.example
index 567845bce..fc4f97ef4 100644
--- a/.envrc.example
+++ b/.envrc.example
@@ -2,7 +2,6 @@ export ALERT_API_URL=http://s3.amazonaws.com/mbta-realtime-test/alerts_enhanced.
 export API_KEY=
 export API_URL=https://api-dev.mbtace.com/
 export APP_COOKIE=
-export AUTHENTICATION_SOURCE=
 export AWS_ACCESS_KEY_ID=
 export AWS_SECRET_ACCESS_KEY=
 export DATABASE_URL_DEV=postgresql://__username__:password@localhost:5432/alert_concierge_dev
diff --git a/apps/concierge_site/config/config.exs b/apps/concierge_site/config/config.exs
index 27c8fd18e..101d84b06 100644
--- a/apps/concierge_site/config/config.exs
+++ b/apps/concierge_site/config/config.exs
@@ -8,7 +8,8 @@ import Config
 # General application configuration
 config :concierge_site,
   namespace: ConciergeSite,
-  ecto_repos: []
+  ecto_repos: [],
+  start_oidc_worker: true
 
 # Configures the endpoint
 config :concierge_site, ConciergeSite.Endpoint,
diff --git a/apps/concierge_site/config/test.exs b/apps/concierge_site/config/test.exs
index 2d8fbdb7b..5caf0aeae 100644
--- a/apps/concierge_site/config/test.exs
+++ b/apps/concierge_site/config/test.exs
@@ -1,5 +1,8 @@
 import Config
 
+config :concierge_site,
+  start_oidc_worker: false
+
 # Run a server for browser-based feature tests
 config :concierge_site, ConciergeSite.Endpoint, server: true, http: [port: 4001]
 
diff --git a/apps/concierge_site/lib/concierge_site.ex b/apps/concierge_site/lib/concierge_site.ex
index c4096f661..19d84256a 100644
--- a/apps/concierge_site/lib/concierge_site.ex
+++ b/apps/concierge_site/lib/concierge_site.ex
@@ -4,8 +4,7 @@ defmodule ConciergeSite do
 
   def start(_type, _args) do
     auth_children =
-      if Application.get_env(:concierge_site, ConciergeSite.Endpoint)[:authentication_source] ==
-           "keycloak" do
+      if Application.get_env(:concierge_site, :start_oidc_worker) do
         [
           {OpenIDConnect.Worker, Application.get_env(:ueberauth, Ueberauth.Strategy.OIDC)}
         ]
diff --git a/apps/concierge_site/test/web/controllers/account_controller_test.exs b/apps/concierge_site/test/web/controllers/account_controller_test.exs
index 3917660d4..5b71022ec 100644
--- a/apps/concierge_site/test/web/controllers/account_controller_test.exs
+++ b/apps/concierge_site/test/web/controllers/account_controller_test.exs
@@ -2,14 +2,12 @@ defmodule ConciergeSite.AccountControllerTest do
   @moduledoc false
   use ConciergeSite.ConnCase, async: true
   import AlertProcessor.Factory
-  import Test.Support.Helpers
   alias AlertProcessor.Helpers.ConfigHelper
   alias AlertProcessor.Model.{Notification, Subscription, Trip, User}
   alias AlertProcessor.Repo
 
   describe "new/4" do
     test "redirects to the keycloak register route", %{conn: conn} do
-      reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
       conn = get(conn, account_path(conn, :new))
       assert redirected_to(conn) == "/auth/keycloak/register"
     end
@@ -69,7 +67,6 @@ defmodule ConciergeSite.AccountControllerTest do
   end
 
   test "POST /account/options with errors", %{conn: conn} do
-    reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
     user = insert(:user)
 
     user_params = %{
@@ -100,7 +97,6 @@ defmodule ConciergeSite.AccountControllerTest do
     end
 
     test "POST /account/edit", %{conn: conn} do
-      reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
       user = insert(:user, phone_number: nil)
 
       user_params = %{
@@ -124,7 +120,6 @@ defmodule ConciergeSite.AccountControllerTest do
     end
 
     test "POST /account/edit error must accept terms and conditions", %{conn: conn} do
-      reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
       user = insert(:user, communication_mode: "email", phone_number: "8888888888")
 
       user_params = %{
@@ -240,8 +235,6 @@ defmodule ConciergeSite.AccountControllerTest do
 
   describe "update password" do
     test "GET /password/edit - for Keycloak auth", %{conn: conn} do
-      reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
-
       user = insert(:user)
 
       conn =
diff --git a/apps/concierge_site/test/web/controllers/auth_controller_test.exs b/apps/concierge_site/test/web/controllers/auth_controller_test.exs
index 6d8be4ac1..a97fff3a7 100644
--- a/apps/concierge_site/test/web/controllers/auth_controller_test.exs
+++ b/apps/concierge_site/test/web/controllers/auth_controller_test.exs
@@ -22,8 +22,6 @@ defmodule ConciergeSite.Web.AuthControllerTest do
 
   describe "GET /auth/:provider/callback" do
     setup do
-      reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
-
       reassign_env(:concierge_site, :token_verify_fn, fn _, _ ->
         {:ok, %{"resource_access" => %{"t-alerts" => %{"roles" => ["admin", "user"]}}}}
       end)
@@ -123,8 +121,6 @@ defmodule ConciergeSite.Web.AuthControllerTest do
     end
 
     test "redirects to the landing page for an ueberauth failure", %{conn: conn} do
-      reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
-
       conn =
         conn
         |> init_test_session(%{username: "test_username"})
diff --git a/apps/concierge_site/test/web/controllers/session_controller_test.exs b/apps/concierge_site/test/web/controllers/session_controller_test.exs
index f522e0d19..c0a5684ef 100644
--- a/apps/concierge_site/test/web/controllers/session_controller_test.exs
+++ b/apps/concierge_site/test/web/controllers/session_controller_test.exs
@@ -2,13 +2,10 @@ defmodule ConciergeSite.SessionControllerTest do
   @moduledoc false
   use ConciergeSite.ConnCase
   import AlertProcessor.Factory
-  import Test.Support.Helpers
   alias Hammer
 
   describe "GET /login/new" do
     test "redirects to Keycloak login page", %{conn: conn} do
-      reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
-
       conn = get(conn, session_path(conn, :new))
 
       assert redirected_to(conn, 302) == "/auth/keycloak"
@@ -16,8 +13,6 @@ defmodule ConciergeSite.SessionControllerTest do
   end
 
   test "DELETE /login", %{conn: conn} do
-    reassign_env(:concierge_site, ConciergeSite.Endpoint, authentication_source: "keycloak")
-
     user = insert(:user)
 
     conn =
diff --git a/config/runtime.exs b/config/runtime.exs
index 40ec1bd51..849badb35 100644
--- a/config/runtime.exs
+++ b/config/runtime.exs
@@ -3,9 +3,6 @@ import Config
 config :alert_processor, AlertProcessor.Repo,
   url: System.fetch_env!("DATABASE_URL_#{config_env() |> to_string() |> String.upcase()}")
 
-config :concierge_site, ConciergeSite.Endpoint,
-  authentication_source: System.get_env("AUTHENTICATION_SOURCE", "local")
-
 config :concierge_site,
   keycloak_base_uri: System.get_env("KEYCLOAK_BASE_URI"),
   keycloak_client_id: System.get_env("KEYCLOAK_CLIENT_ID"),