diff --git a/.github/workflows/deploy-to-openshift-dev.yml b/.github/workflows/deploy-to-openshift-dev.yml
index 3ab786f..bfb141c 100644
--- a/.github/workflows/deploy-to-openshift-dev.yml
+++ b/.github/workflows/deploy-to-openshift-dev.yml
@@ -1,17 +1,17 @@
 name: 1 DEV - Deploy Dynamics API
 
 env:
-  # 🖊️ EDIT your repository secrets to log into your OpenShift cluster and set up the context.
+  # EDIT your repository secrets to log into your OpenShift cluster and set up the context.
   # See https://github.com/redhat-actions/oc-login#readme for how to retrieve these values.
   # To get a permanent token, refer to https://github.com/redhat-actions/oc-login/wiki/Using-a-Service-Account-for-GitHub-Actions
   OPENSHIFT_SERVER: ${{ secrets.OPENSHIFT_SERVER }}
   OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }}
-  # 🖊️ EDIT to set the kube context's namespace after login. Leave blank to use your user's default namespace.
+  # EDIT to set the kube context's namespace after login. Leave blank to use your user's default namespace.
   OPENSHIFT_NAMESPACE: ${{ secrets.CCOF_NAMESPACE_NO_ENV }}-dev
 
   # SPLUNK_TOKEN: ${{ secrets.SPLUNK_TOKEN }}
 
-    # 🖊️ EDIT to change the image registry settings.
+  # EDIT to change the image registry settings.
   # Registries such as GHCR, Quay.io, and Docker Hub are supported.
   IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
   IMAGE_REGISTRY_USER: ${{ github.actor }}
@@ -141,37 +141,49 @@ jobs:
         oc login --token=${{ env.OPENSHIFT_TOKEN }} --server=${{ env.OPENSHIFT_SERVER }}
         oc project ${{ env.OPENSHIFT_NAMESPACE }}
         # Cancel any rollouts in progress
-        oc rollout cancel dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}-${{ env.BRANCH }} 2> /dev/null \
-            || true && echo "No rollout in progress"
+        oc rollout cancel dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }} 2> /dev/null \
+          || true && echo "No rollout in progress"
 
         # Create the image stream if it doesn't exist
         oc create imagestream ${{ env.REPO_NAME }}-${{ env.IMAGE_NAME }}-${{ env.BRANCH }} 2> /dev/null \
-            || true && echo "Backend image stream in place"
+          || true && echo "Backend image stream in place"
 
         oc tag \
-           ${{ steps.push-image-backend.outputs.registry-path }} \
-           ${{ env.REPO_NAME }}-${{ env.IMAGE_NAME }}-${{ env.BRANCH }}:${{ env.TAG }}
+          ${{ steps.push-image-backend.outputs.registry-path }} \
+          ${{ env.REPO_NAME }}-${{ env.IMAGE_NAME }}-${{ env.BRANCH }}:${{ env.TAG }}
 
         # Process and apply deployment template
         oc process \
-           -f tools/openshift/d365api.dc.yaml \
-           -p APP_NAME=${{ env.APP_NAME }} \
-           -p REPO_NAME=${{ env.REPO_NAME }} \
-           -p BRANCH=${{ env.BRANCH }} \
-           -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
-           -p TAG=${{ env.TAG }} \
-           -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
-           -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
-           -p MIN_CPU=${{ env.MIN_CPU }} \
-           -p MAX_CPU=${{ env.MAX_CPU }} \
-           -p MIN_MEM=${{ env.MIN_MEM }} \
-           -p MAX_MEM=${{ env.MAX_MEM }} \
-           -p APP_ENVIRONMENT=${{ env.APP_ENVIRONMENT }} \
-            | oc apply -f -
+          -f tools/openshift/d365api.dc.yaml \
+          -p APP_NAME=${{ env.APP_NAME }} \
+          -p REPO_NAME=${{ env.REPO_NAME }} \
+          -p BRANCH=${{ env.BRANCH }} \
+          -p NAMESPACE=${{ env.OPENSHIFT_NAMESPACE }} \
+          -p TAG=${{ env.TAG }} \
+          -p MIN_REPLICAS=${{ env.MIN_REPLICAS }} \
+          -p MAX_REPLICAS=${{ env.MAX_REPLICAS }} \
+          -p MIN_CPU=${{ env.MIN_CPU }} \
+          -p MAX_CPU=${{ env.MAX_CPU }} \
+          -p MIN_MEM=${{ env.MIN_MEM }} \
+          -p MAX_MEM=${{ env.MAX_MEM }} \
+          -p APP_ENVIRONMENT=${{ env.APP_ENVIRONMENT }} \
+          | oc apply -f -
+
+        # Process update-configmap
+        cat << JSON > /tmp/authentication_settings
+          ${{ secrets.DYNAMICS_AUTHENTICATION_SETTINGS }}
+        JSON
+
+        curl -s https://raw.githubusercontent.com/bcgov/${{ env.REPO_NAME }}/${{ env.BRANCH }}/tools/config/update-configmap.sh \
+          | bash /dev/stdin \
+            ${{ env.APP_ENVIRONMENT }} \
+            ${{ env.APP_NAME }} \
+            ${{ env.OPENSHIFT_NAMESPACE }} \
+            /tmp/authentication_settings
 
         # Start rollout (if necessary) and follow it
-        oc rollout latest dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}-${{ env.BRANCH }} 2> /dev/null \
-            || true && echo "Rollout in progress"
+        oc rollout latest dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }} 2> /dev/null \
+          || true && echo "Rollout in progress"
 
         # Get status, returns 0 if rollout is successful
-        oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}-${{ env.BRANCH }}
+        oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
diff --git a/tools/config/README.md b/tools/config/README.md
new file mode 100644
index 0000000..dced747
--- /dev/null
+++ b/tools/config/README.md
@@ -0,0 +1,12 @@
+# D365 Config Map Updater
+
+This readme serves as documentation for what secrets are used for deployment and
+what their expected types are. Note that the output of the update script is a
+valid JSON file, so these types should be in JSON.
+
+| Key                              | Type     |
+|----------------------------------|----------|
+| DYNAMICS_AUTHENTICATION_SETTINGS | `Object` |
+
+Each of these keys are environment specific, so make sure you update each
+environment where applicable.
diff --git a/tools/config/update-configmap.sh b/tools/config/update-configmap.sh
new file mode 100644
index 0000000..61ebdf9
--- /dev/null
+++ b/tools/config/update-configmap.sh
@@ -0,0 +1,34 @@
+set -euo pipefail
+
+readonly ENV_VAL=$1
+readonly APP_NAME=$2
+readonly OPENSHIFT_NAMESPACE=$3
+readonly DYNAMICS_AUTHENTICATION_SETTINGS=$4
+
+D365_CONFIGURATION=$(jq << JSON
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "DynamicsAuthenticationSettings": $(cat "$DYNAMICS_AUTHENTICATION_SETTINGS")
+}
+JSON
+)
+readonly D365_CONFIGURATION
+echo "$D365_CONFIGURATION" > /tmp/appsettings.json
+
+echo
+echo Creating D365 config map "$APP_NAME-d365api-$ENV_VAL-config-map"
+oc create -n "$OPENSHIFT_NAMESPACE" configmap \
+  "$APP_NAME-d365api-$ENV_VAL-config-map" \
+  --from-file="appsettings.json=/tmp/appsettings.json" \
+  --dry-run -o yaml | oc apply -f -
+
+echo
+echo Setting environment variables for "$APP_NAME-d365api-$ENV_VAL" application
+oc -n "$OPENSHIFT_NAMESPACE" set env \
+  --from="configmap/$APP_NAME-d365api-$ENV_VAL-config-map" \
+  "dc/$APP_NAME-d365api-$ENV_VAL"
diff --git a/tools/openshift/d365api.dc.yaml b/tools/openshift/d365api.dc.yaml
index ab6ed24..cfa1977 100644
--- a/tools/openshift/d365api.dc.yaml
+++ b/tools/openshift/d365api.dc.yaml
@@ -14,7 +14,7 @@ objects:
     creationTimestamp:
     labels:
       app: "${APP_NAME}-${BRANCH}"
-    name: "${APP_NAME}-d365api-${APP_ENVIRONMENT}-${BRANCH}"
+    name: "${APP_NAME}-d365api-${APP_ENVIRONMENT}"
   spec:
     replicas: ${{MIN_REPLICAS}}
     selector: