diff --git a/openid-connect-client/pom.xml b/openid-connect-client/pom.xml
index fd33196a47..f9dc01c7b5 100644
--- a/openid-connect-client/pom.xml
+++ b/openid-connect-client/pom.xml
@@ -22,7 +22,7 @@
 	<parent>
 		<artifactId>openid-connect-parent</artifactId>
 		<groupId>org.mitre</groupId>
-		<version>2.0.0.cnaf-20260603</version>
+		<version>2.0.0.cnaf-20260624</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>openid-connect-client</artifactId>
diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
deleted file mode 100644
index b43b649df2..0000000000
--- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/*******************************************************************************
- * Copyright 2018 The MIT Internet Trust Consortium
- *
- * Portions copyright 2011-2013 The MITRE Corporation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *******************************************************************************/
-package org.mitre.openid.connect.client;
-
-import java.util.Collection;
-
-import org.mitre.openid.connect.model.OIDCAuthenticationToken;
-import org.mitre.openid.connect.model.PendingOIDCAuthenticationToken;
-import org.mitre.openid.connect.model.UserInfo;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-
-import com.google.common.base.Strings;
-import com.nimbusds.jwt.JWT;
-
-/**
- * @author nemonik, Justin Richer
- *
- */
-public class OIDCAuthenticationProvider implements AuthenticationProvider {
-
-	private static Logger logger = LoggerFactory.getLogger(OIDCAuthenticationProvider.class);
-
-	private UserInfoFetcher userInfoFetcher = new UserInfoFetcher();
-
-	private OIDCAuthoritiesMapper authoritiesMapper = new NamedAdminAuthoritiesMapper();
-
-	/*
-	 * (non-Javadoc)
-	 *
-	 * @see org.springframework.security.authentication.AuthenticationProvider#
-	 * authenticate(org.springframework.security.core.Authentication)
-	 */
-	@Override
-	public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
-
-		if (!supports(authentication.getClass())) {
-			return null;
-		}
-
-		if (authentication instanceof PendingOIDCAuthenticationToken) {
-
-			PendingOIDCAuthenticationToken token = (PendingOIDCAuthenticationToken) authentication;
-
-			// get the ID Token value out
-			JWT idToken = token.getIdToken();
-
-			// load the user info if we can
-			UserInfo userInfo = userInfoFetcher.loadUserInfo(token);
-
-			if (userInfo == null) {
-				// user info not found -- could be an error, could be fine
-			} else {
-				// if we found userinfo, double check it
-				if (!Strings.isNullOrEmpty(userInfo.getSub()) && !userInfo.getSub().equals(token.getSub())) {
-					// the userinfo came back and the user_id fields don't match what was in the id_token
-					throw new UsernameNotFoundException("user_id mismatch between id_token and user_info call: " + token.getSub() + " / " + userInfo.getSub());
-				}
-			}
-
-			return createAuthenticationToken(token, authoritiesMapper.mapAuthorities(idToken, userInfo), userInfo);
-		}
-
-		return null;
-	}
-
-	/**
-	 * Override this function to return a different kind of Authentication, processes the authorities differently,
-	 * or do post-processing based on the UserInfo object.
-	 *
-	 * @param token
-	 * @param authorities
-	 * @param userInfo
-	 * @return
-	 */
-	protected Authentication createAuthenticationToken(PendingOIDCAuthenticationToken token, Collection<? extends GrantedAuthority> authorities, UserInfo userInfo) {
-		return new OIDCAuthenticationToken(token.getSub(),
-				token.getIssuer(),
-				userInfo, authorities,
-				token.getIdToken(), token.getAccessTokenValue(), token.getRefreshTokenValue());
-	}
-
-	/**
-	 * @param userInfoFetcher
-	 */
-	public void setUserInfoFetcher(UserInfoFetcher userInfoFetcher) {
-		this.userInfoFetcher = userInfoFetcher;
-	}
-
-	/**
-	 * @param authoritiesMapper
-	 */
-	public void setAuthoritiesMapper(OIDCAuthoritiesMapper authoritiesMapper) {
-		this.authoritiesMapper = authoritiesMapper;
-	}
-
-	/*
-	 * (non-Javadoc)
-	 *
-	 * @see
-	 * org.springframework.security.authentication.AuthenticationProvider#supports
-	 * (java.lang.Class)
-	 */
-	@Override
-	public boolean supports(Class<?> authentication) {
-		return PendingOIDCAuthenticationToken.class.isAssignableFrom(authentication);
-	}
-}
diff --git a/openid-connect-common/pom.xml b/openid-connect-common/pom.xml
index 5df3fa4ae2..a2142ba7d3 100644
--- a/openid-connect-common/pom.xml
+++ b/openid-connect-common/pom.xml
@@ -22,7 +22,7 @@
 	<parent>
 		<artifactId>openid-connect-parent</artifactId>
 		<groupId>org.mitre</groupId>
-		<version>2.0.0.cnaf-20260603</version>
+		<version>2.0.0.cnaf-20260624</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>openid-connect-common</artifactId>
diff --git a/openid-connect-server/pom.xml b/openid-connect-server/pom.xml
index ada12f5a57..60666f3597 100644
--- a/openid-connect-server/pom.xml
+++ b/openid-connect-server/pom.xml
@@ -23,7 +23,7 @@
 	<parent>
 		<groupId>org.mitre</groupId>
 		<artifactId>openid-connect-parent</artifactId>
-		<version>2.0.0.cnaf-20260603</version>
+		<version>2.0.0.cnaf-20260624</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<build>
diff --git a/pom.xml b/pom.xml
index 0bedc701f1..2b5235a440 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.mitre</groupId>
 	<artifactId>openid-connect-parent</artifactId>
-	<version>2.0.0.cnaf-20260603</version>
+	<version>2.0.0.cnaf-20260624</version>
 	<name>MITREid Connect</name>
 	<packaging>pom</packaging>
 	<parent>
diff --git a/uma-server-webapp/src/main/webapp/WEB-INF/user-context.xml b/uma-server-webapp/src/main/webapp/WEB-INF/user-context.xml
index 4a2f7bb0d3..e5fafc369a 100644
--- a/uma-server-webapp/src/main/webapp/WEB-INF/user-context.xml
+++ b/uma-server-webapp/src/main/webapp/WEB-INF/user-context.xml
@@ -53,12 +53,6 @@
 		<security:authentication-provider ref="externalAuthenticationProvider" />
 	</security:authentication-manager>
 
-	<bean id="externalAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
-		<property name="authoritiesMapper">
-			<bean class="org.mitre.uma.util.ExternalLoginAuthoritiesMapper" />
-		</property>
-	</bean>
-
 	<bean id="externalAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter">
 		<property name="authenticationManager" ref="externalAuthenticationManager" />