The .well-known/openid-configuration endpoint containing all the OIDC information. You should be able to visit the page and view it yourself.
The scopes that will be requested from the OIDC provider. "openid" is almost always required. Add the scopes required to fetch the username and group claims.
The claim that will be used for the username. Make sure the respective scope is passed along above. For example some services expect the "email" claim to be able to use the email. "sub" is always avaiable. You can head to the OIDC endpoint to see what claims are avaiable.
The claim that contains the group(s) the user is in. For example, if a user is in the group "trusted" they will be assigned the Trusted role here. The group claim can be a list of groups or a single one and is case-insensitive.
After you login on your authentication server, you will be redirected to /auth/oidc. Determine if you should be redirected to http or https. This should match up with what you configured as the redirect URL in your OIDC provider.
The link you'll be redirected to upon logging out. If your OIDC provider has the end_session_endpoint defined, it'll use that as the logout url.
Make sure all the settings are correct. In the case of a miconfiguration, you can log in at /login?backup=1 to fix the settings. Note: To test your OpenID Connect settings you have to log out to invalidate your current session first.