diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm index e53e912de..ca580b5c4 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm @@ -16,9 +16,13 @@ use base qw(Lemonldap::NG::Portal::_OpenIDConnect); our $VERSION = '2.00'; ## @method void issuerDBInit() -# Do nothing +# Get configuration data # @return Lemonldap::NG::Portal error code sub issuerDBInit { + my $self = shift; + + return PE_ERROR unless $self->loadRPs; + return PE_OK; } @@ -218,7 +222,25 @@ sub issuerForAuthUser { "Request from client id " . $oidc_request->{'client_id'}, 'debug' ); - # TODO verify that client_id is registered in configuration + # Verify that client_id is registered in configuration + my $rp = $self->getRP( $oidc_request->{'client_id'} ); + + unless ($rp) { + $self->lmLog( + "No registered Relaying Party found with client_id " + . $oidc_request->{'client_id'}, + 'error' + ); + return PE_ERROR; + } + else { + $self->lmLog( + "Cient id " + . $oidc_request->{'client_id'} + . " match RP $rp", + 'debug' + ); + } # TODO obtain consent diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm index 5586faf36..b107ec335 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm 
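Review bot: `return PE_ERROR unless $self->loadRPs;` in the new issuerDBInit body is a branch that cannot currently be taken, because loadRPs as added in the _OpenIDConnect.pm hunk of this same commit ends with an unconditional `return 1;` and only logs a warning when no Relying Party is configured. If a missing RP configuration is meant to stop the issuer from initialising, loadRPs has to return false on that path; if it is meant to be tolerated, the intent should be recorded here, e.g. `# loadRPs only warns when no RP is configured; PE_ERROR is reserved for a hard load failure`. Without one or the other a reader will assume the init guard protects later code from an empty RP list, which it does not.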
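Review bot: The debug message in the new client_id check has a typo, `"Cient id "`, and both new strings say "Relaying Party" where the OpenID Connect term is "Relying Party" (the same wording is used in the loadRPs/getRP comments and POD of the other file, so it is worth fixing everywhere in one pass). Style: `unless ($rp) { ... return PE_ERROR; } else { ... }` is an unless/else construct; since the guard returns, the else can be dropped and the debug lmLog placed after the block. The matched `$rp` is only logged and, as far as the hunk shows, not retained, so the consent and redirect handling that follow the `# TODO obtain consent` marker will need to resolve it again; in particular the request's redirect_uri still has to be checked against the registered RP before any redirect is issued, which this commit leaves for later. issuerForAuthUser starts before and continues after this hunk.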
@@ -65,6 +65,36 @@ sub loadOPs { return 1; } +## @method boolean loadRPs(boolean no_cache) +# Load OpenID Connect Relaying Parties +# @param no_cache Disable cache use +# @return boolean result +sub loadRPs { + my ( $self, $no_cache ) = splice @_; + + # Check cache + unless ($no_cache) { + if ( $oidcCache->{_oidcRPList} ) { + $self->lmLog( "Load RPs from cache", 'debug' ); + $self->{_oidcRPList} = $oidcCache->{_oidcRPList}; + return 1; + } + } + + # Check presence of at least one relaying party in configuration + unless ( $self->{oidcRPMetaDataOptions} + and keys %{ $self->{oidcRPMetaDataOptions} } ) + { + $self->lmLog( "No OpenID Connect Relaying Party found in configuration", + 'warn' ); + } + + $self->{_oidcRPList} = $self->{oidcRPMetaDataOptions}; + $oidcCache->{_oidcRPList} = $self->{_oidcRPList} unless $no_cache; + + return 1; +} + ## @method boolean refreshJWKSdata(boolean no_cache) # Refresh JWKS data if needed # @param no_cache Disable cache update @@ -136,6 +166,26 @@ sub refreshJWKSdata { return 1; } +## @method String getRP(String client_id) +# Get Relaying Party corresponding to a Client ID +# @param client_id Client ID +# @return String result +sub getRP { + my ( $self, $client_id ) = splice @_; + my $rp; + + foreach ( keys %{ $self->{_oidcRPList} } ) { + if ( $client_id eq + $self->{_oidcRPList}->{$_}->{oidcRPMetaDataOptionsClientID} ) + { + $rp = $_; + last; + } + } + + return $rp; +} + ## @method String getCallbackUri() # Compute callback URI # @return String Callback URI @@ -707,10 +757,18 @@ and user information loading Load OpenID Connect Providers and JWKS data +=head2 loadRPs + +Load OpenID Connect Relaying Parties + =head2 refreshJWKSdata Refresh JWKS data if needed +=head2 getRP + +Get Relaying Party corresponding to a Client ID + =head2 getCallbackUri Compute callback URI
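Review bot: When `oidcRPMetaDataOptions` is absent, loadRPs logs its warning but still assigns `$self->{_oidcRPList} = $self->{oidcRPMetaDataOptions};`, i.e. undef, and returns 1, so the caller's `return PE_ERROR unless $self->loadRPs` in issuerDBInit never fires and getRP later dereferences that undef as a hash. Either make the empty case explicit with `$self->{_oidcRPList} = $self->{oidcRPMetaDataOptions} || {};` so consumers always see a hash, or return false after the warning if an issuer without any RP is a configuration error (loadOPs, whose tail is visible above, appears to follow the same always-true pattern, so the choice should be consistent). Style: `my ( $self, $no_cache ) = splice @_;` is an unusual way to unpack arguments; `= @_;` reads as the conventional form unless the file already uses splice elsewhere. The cache check `if ( $oidcCache->{_oidcRPList} )` is fine for a hash ref but will never hit when the stored value is undef, which is another reason to store `{}` rather than undef.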
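Review bot: In getRP the comparison `$client_id eq $self->{_oidcRPList}->{$_}->{oidcRPMetaDataOptionsClientID}` warns on an undefined client_id or an RP entry without a client ID, and because it walks `keys %{ ... }` and stops at the first hit, two RPs configured with the same client ID are resolved in hash order, so which RP configuration is trusted for a request becomes non-deterministic. A guard `return unless defined $client_id;` at the top removes the first issue; duplicate client IDs are best rejected or at least warned about when the list is built in loadRPs, since this lookup cannot tell them apart. The header comment should also say what the return value is, e.g. `# @return String RP configuration key, or undef when no RP has this client ID`, because callers such as issuerForAuthUser branch on it being false.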