diff --git a/assemblyline_ui/api/v4/authentication.py b/assemblyline_ui/api/v4/authentication.py
index f9870a02..a430c1cc 100644
--- a/assemblyline_ui/api/v4/authentication.py
+++ b/assemblyline_ui/api/v4/authentication.py
@@ -42,7 +42,7 @@
 from assemblyline_ui.security.saml_auth import get_attribute, get_roles, get_types
 from authlib.integrations.base_client import OAuthError
 from authlib.integrations.requests_client import OAuth2Session
-from authlib.integrations.flask_client import OAuth, FlaskRemoteApp
+from authlib.integrations.flask_client import OAuth, FlaskOAuth2App
 from flask import current_app, redirect, request
 from flask import session as flsk_session
 from onelogin.saml2.auth import OneLogin_Saml2_Auth
@@ -671,7 +671,7 @@ def oauth_validate(**_):
 if config.auth.oauth.enabled:
 oauth: OAuth = current_app.extensions.get('authlib.integrations.flask_client')
- provider: FlaskRemoteApp = oauth.create_client(oauth_provider)
+ provider: FlaskOAuth2App = oauth.create_client(oauth_provider)
 if provider:
 # noinspection PyBroadException
@@ -722,7 +722,7 @@ def oauth_validate(**_):
 # Add user_data info from received token
 if oauth_provider_config.jwks_uri:
- user_data = provider.parse_id_token(token)
+ user_data = provider.parse_id_token(token, None)
 # Add user data from app_provider endpoint
 if app_provider and oauth_provider_config.app_provider.user_get:
diff --git a/assemblyline_ui/api/v4/user.py b/assemblyline_ui/api/v4/user.py
index 6c9740b1..a5d75411 100644
--- a/assemblyline_ui/api/v4/user.py
+++ b/assemblyline_ui/api/v4/user.py
@@ -355,7 +355,7 @@ def add_user_account(username, **_):
 # Check identity_id value
 if not data.get('identity_id'):
- data.pop('identity_id')
+ data.pop('identity_id', None)
 if avatar is not None:
 STORAGE.user_avatar.save(username, avatar)
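Review bot: Passing `None` as the nonce in `provider.parse_id_token(token, None)` (third hunk of authentication.py) appears to switch off nonce validation of the ID token; as far as I know Authlib 1.x only compares the `nonce` claim when a value is supplied. If the authorization request made elsewhere in oauth_validate sends a nonce, pass the stored value instead, e.g. `user_data = provider.parse_id_token(token, nonce=expected_nonce)`, where `expected_nonce` stands for whatever this flow saved in the session. If the flow deliberately sends no nonce, a comment such as `# no nonce is sent in the authorization request, so there is none to compare` would record that the omission is intentional. oauth_validate starts and ends outside the hunk, so how the token is obtained is not visible here.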
@@ -425,7 +425,7 @@ def get_user_account(username, **kwargs):
 user['roles'] = load_roles(user['type'], user.get('roles', None))
 if ROLES.administration not in kwargs['user']['roles']:
- user.pop('identity_id')
+ user.pop('identity_id', None)
 return make_api_response(user)
@@ -525,7 +525,7 @@ def set_user_account(username, **kwargs):
 # Check identity_id value
 if not data.get('identity_id'):
- data.pop('identity_id')
+ data.pop('identity_id', None)
 ret_val = save_user_account(username, data, kwargs['user'])
diff --git a/assemblyline_ui/app.py b/assemblyline_ui/app.py
index 2ba3720b..e8abc6b1 100644
--- a/assemblyline_ui/app.py
+++ b/assemblyline_ui/app.py
@@ -1,7 +1,7 @@
 import logging
 import os
-from authlib.integrations.base_client.base_oauth import OAUTH_CLIENT_PARAMS
+from authlib.integrations.base_client.registry import OAUTH_CLIENT_PARAMS
 from authlib.integrations.flask_client import OAuth
 from elasticapm.contrib.flask import ElasticAPM
 from flask import Flask
diff --git a/assemblyline_ui/helper/oauth.py b/assemblyline_ui/helper/oauth.py
index fc2d2269..66f38ce9 100644
--- a/assemblyline_ui/helper/oauth.py
+++ b/assemblyline_ui/helper/oauth.py
@@ -3,7 +3,7 @@
 import re
 import requests
-from authlib.integrations.flask_client import FlaskRemoteApp
+from authlib.integrations.flask_client import FlaskOAuth2App
 from assemblyline.odm.models.config import OAuthProvider
 from assemblyline.odm.models.user import load_roles, USER_TYPE_DEP
 from assemblyline.common.random_user import random_user
@@ -211,7 +211,7 @@ def parse_profile(profile: dict, provider: OAuthProvider):
 )
-def fetch_avatar(url: str, provider: FlaskRemoteApp, provider_config:OAuthProvider):
+def fetch_avatar(url: str, provider: FlaskOAuth2App, provider_config:OAuthProvider):
 if url.startswith(provider_config.api_base_url):
 resp = provider.get(url[len(provider_config.api_base_url):])
 if resp.ok and resp.headers.get("content-type") is not None:
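Review bot: The branch in get_user_account that strips `identity_id` for callers without `ROLES.administration` is an access-control decision but carries no comment, unlike the `# Check identity_id value` blocks in add_user_account and set_user_account. A line such as `# identity_id is only returned to administrators` above the `if` would make the intent explicit for anyone who later adds fields to this response. The function body starts outside the hunk.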
diff --git a/pipelines/azure-test.yaml b/pipelines/azure-test.yaml
index 0f9ac79e..933cbd26 100644
--- a/pipelines/azure-test.yaml
+++ b/pipelines/azure-test.yaml
@@ -17,11 +17,12 @@ resources:
 ports:
 - 6379:6379
 - container: elasticsearch
- image: cccs/elasticsearch:8.10.2
+ image: docker.elastic.co/elasticsearch/elasticsearch:8.10.2
 env:
+ xpack.security.enabled: true
+ discovery.type: single-node
 ES_JAVA_OPTS: "-Xms256m -Xmx512m"
- DISCOVERY_TYPE: "single-node"
- ELASTIC_PASSWORD: "devpass"
+ ELASTIC_PASSWORD: devpass
 ports:
 - 9200:9200
 - container: minio
diff --git a/setup.py b/setup.py
index 9e7a7336..ad8a5c78 100644
--- a/setup.py
+++ b/setup.py
@@ -47,7 +47,7 @@
 'markdown',
 'python-ldap',
 'python3-saml',
- 'authlib<1.0.0',
+ 'Authlib>=1.3.1',
 'fido2<1.0.0',
 'PyJWT',
 'gunicorn',
diff --git a/test/test_user.py b/test/test_user.py
index 6e3ef87e..25e33c91 100644
--- a/test/test_user.py
+++ b/test/test_user.py
@@ -220,6 +220,9 @@ def test_set_user(datastore, login_session):
 u = random_model_obj(User).as_primitives()
 u['uname'] = username
+ # Omit setting identity_id for user (API shouldn't crash if identity_id is missing)
+ u.pop('identity_id')
+
 resp = get_api_data(session, f"{host}/api/v4/user/{username}/", method="POST", data=json.dumps(u))
 assert resp['success']
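Review bot: `xpack.security.enabled: true` is an unquoted YAML boolean inside an `env:` map whose values reach the container as strings, and as far as I know Elasticsearch accepts only the lowercase spellings `true`/`false`; writing `xpack.security.enabled: "true"` removes any dependence on how the pipeline serializes the value. The new upstream image is also referenced by tag only, so pinning it as `image: docker.elastic.co/elasticsearch/elasticsearch:8.10.2@sha256:<digest>` (digest is a placeholder) would keep the test job from silently picking up a changed image. `ELASTIC_PASSWORD: devpass` is reasonable only while this service container stays confined to the CI job, since port 9200 is published.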
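Review bot: The added regression step covers only the request made in test_set_user; the same `pop('identity_id', None)` fix in add_user_account and in the non-admin branch of get_user_account (user.py) has no test that omits the key. A matching `u.pop('identity_id')` in whichever test exercises add_user_account, plus a read of a user record without the field by a non-admin session, would pin all three paths. Using `u.pop('identity_id', None)` here would also keep the test from failing in its own setup if `random_model_obj(User)` ever stops emitting the field. The test function starts and ends outside the hunk.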