diff --git a/.schemastore/config.schema.json b/.schemastore/config.schema.json
index 9d853c1e64f3..3a8297d9d1c7 100644
--- a/.schemastore/config.schema.json
+++ b/.schemastore/config.schema.json
@@ -519,7 +519,7 @@
 "title": "Microsoft subject source",
 "description": "Controls which source the subject identifier is taken from by microsoft provider. If set to `userinfo` (the default) then the identifier is taken from the `sub` field of OIDC ID token or data received from `/userinfo` standard OIDC endpoint. If set to `me` then the `id` field of data structure received from `https://graph.microsoft.com/v1.0/me` is taken as an identifier.",
 "type": "string",
- "enum": ["userinfo", "me"],
+ "enum": ["userinfo", "me", "oid"],
 "default": "userinfo",
 "examples": ["userinfo"]
 },
diff --git a/embedx/config.schema.json b/embedx/config.schema.json
index abe5a4e7ac5b..4c98a58138f0 100644
--- a/embedx/config.schema.json
+++ b/embedx/config.schema.json
@@ -519,7 +519,7 @@
 "title": "Microsoft subject source",
 "description": "Controls which source the subject identifier is taken from by microsoft provider. If set to `userinfo` (the default) then the identifier is taken from the `sub` field of OIDC ID token or data received from `/userinfo` standard OIDC endpoint. If set to `me` then the `id` field of data structure received from `https://graph.microsoft.com/v1.0/me` is taken as an identifier.",
 "type": "string",
- "enum": ["userinfo", "me"],
+ "enum": ["userinfo", "me", "oid"],
 "default": "userinfo",
 "examples": ["userinfo"]
 },
diff --git a/selfservice/strategy/oidc/provider.go b/selfservice/strategy/oidc/provider.go
index 30ea305a22ed..2241cb93d193 100644
--- a/selfservice/strategy/oidc/provider.go
+++ b/selfservice/strategy/oidc/provider.go
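Review bot: The `description` string two lines above the changed `enum` still documents only `userinfo` and `me`, so the new `oid` value is accepted by the schema but never explained; the second hunk on this line, in `embedx/config.schema.json`, has the same gap and the two files look like copies that must stay identical. Appending one sentence to the description, in the pattern of the existing two, stating that when set to `oid` the identifier is taken from the `oid` claim, keeps the schema self-describing. Where that claim is actually read from (ID token versus a userinfo or Graph response) is not shown in this diff, so the wording should be checked against the provider code before it is committed.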
@@ -55,6 +55,7 @@ type NonceValidationSkipper interface {
 type Claims struct {
 Issuer string `json:"iss,omitempty"`
 Subject string `json:"sub,omitempty"`
+ Object string `json:"oid,omitempty"`
 Name string `json:"name,omitempty"`
 GivenName string `json:"given_name,omitempty"`
 FamilyName string `json:"family_name,omitempty"`
diff --git a/selfservice/strategy/oidc/provider_microsoft.go b/selfservice/strategy/oidc/provider_microsoft.go
index d69206ec4d87..ec634ce75e3e 100644
--- a/selfservice/strategy/oidc/provider_microsoft.go
+++ b/selfservice/strategy/oidc/provider_microsoft.go
@@ -117,6 +117,10 @@ func (m *ProviderMicrosoft) updateSubject(ctx context.Context, claims *Claims, e
 claims.Subject = user.ID
 }
 
+ if m.config.SubjectSource == "oid" {
+ claims.Subject = claims.Object
+ }
+
 return claims, nil
 }
 
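Review bot: The new `Object` field on `Claims` carries the `oid` claim but nothing in its name or a comment ties it to that claim or to the Microsoft-only `SubjectSource` value that reads it, and `oid` is not a standard OIDC claim like the neighbouring `sub` and `name`. The rest of the struct is uncommented, so this follows the file's style, but a provider-specific field deserves one line such as `// Object is the "oid" claim; the Microsoft provider uses it as the subject when SubjectSource is "oid".` placed above the field. The `Claims` struct continues past the end of this hunk.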
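Review bot: The added branch in `updateSubject` assigns `claims.Object` to `claims.Subject` without checking that the `oid` claim was present, so a token or response lacking it leaves `Subject` as the empty string and nothing visible here rejects that; a subject identifier is presumably what account lookup and linking key on, so an empty one should fail the login rather than be accepted. Guarding the copy with `if claims.Object == "" { return nil, <error via the file's existing error helpers: missing oid claim> }` closes the gap, and mirrors what the `me` path above appears to get for free because `user.ID` only exists after a successful Graph call. It is also worth confirming that the `Claims` value reaching this function was decoded from a source that actually contains `oid`, since this diff does not show where it is populated. `updateSubject` begins before this hunk.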