diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7c4b0f8a..42c9e030 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@
 
 ## Changes since v7.4.0
 
+- [#1873](https://github.com/oauth2-proxy/oauth2-proxy/pull/1873) Fix empty users with some OIDC providers (@babs)
 - [#1882](https://github.com/oauth2-proxy/oauth2-proxy/pull/1882) Make `htpasswd.GetUsers` racecondition safe
 - [#1883](https://github.com/oauth2-proxy/oauth2-proxy/pull/1883) Ensure v8 manifest variant is set on docker images
 
diff --git a/providers/gitlab.go b/providers/gitlab.go
index 1049a403..a510debf 100644
--- a/providers/gitlab.go
+++ b/providers/gitlab.go
@@ -32,7 +32,10 @@ var _ Provider = (*GitLabProvider)(nil)
 
 // NewGitLabProvider initiates a new GitLabProvider
 func NewGitLabProvider(p *ProviderData, opts options.GitLabOptions) (*GitLabProvider, error) {
-	p.ProviderName = gitlabProviderName
+	p.setProviderDefaults(providerDefaults{
+		name: gitlabProviderName,
+	})
+
 	if p.Scope == "" {
 		p.Scope = gitlabDefaultScope
 	}
diff --git a/providers/keycloak_oidc.go b/providers/keycloak_oidc.go
index 6603f0ea..6e85136b 100644
--- a/providers/keycloak_oidc.go
+++ b/providers/keycloak_oidc.go
@@ -17,7 +17,9 @@ type KeycloakOIDCProvider struct {
 
 // NewKeycloakOIDCProvider makes a KeycloakOIDCProvider using the ProviderData
 func NewKeycloakOIDCProvider(p *ProviderData, opts options.KeycloakOptions) *KeycloakOIDCProvider {
-	p.ProviderName = keycloakOIDCProviderName
+	p.setProviderDefaults(providerDefaults{
+		name: keycloakOIDCProviderName,
+	})
 
 	provider := &KeycloakOIDCProvider{
 		OIDCProvider: &OIDCProvider{
diff --git a/providers/nextcloud.go b/providers/nextcloud.go
index c1538b36..32099ac2 100644
--- a/providers/nextcloud.go
+++ b/providers/nextcloud.go
@@ -21,7 +21,10 @@ const nextCloudProviderName = "Nextcloud"
 
 // NewNextcloudProvider initiates a new NextcloudProvider
 func NewNextcloudProvider(p *ProviderData) *NextcloudProvider {
-	p.ProviderName = nextCloudProviderName
+	p.setProviderDefaults(providerDefaults{
+		name: nextCloudProviderName,
+	})
+
 	p.getAuthorizationHeaderFunc = makeOIDCHeader
 	if p.EmailClaim == options.OIDCEmailClaim {
 		// This implies the email claim has not been overridden, we should set a default