This issue is created from the conversation.

The class OidcAuthConfig is having username, password and client_secret as mandatory. OIDC server side code is not using username and password so it is forcing server side code to pass the values. One of the proposal is to create separate model for oidc server and client. We need to evaluate all the util methods if it is going to impact in any other way.