diff --git a/app/controllers/agent_connect/agent_controller.rb b/app/controllers/agent_connect/agent_controller.rb
index 17bf6cf92..718a866de 100644
--- a/app/controllers/agent_connect/agent_controller.rb
+++ b/app/controllers/agent_connect/agent_controller.rb
@@ -1,4 +1,8 @@
 class AgentConnect::AgentController < ApplicationController
 def index
 end
+
+ def login
+ redirect_to AgentConnectService.authorization_uri
+ end
 end
diff --git a/app/models/agent_connect_client.rb b/app/models/agent_connect_client.rb
new file mode 100644
index 000000000..45cab0bb0
--- /dev/null
+++ b/app/models/agent_connect_client.rb
@@ -0,0 +1,5 @@
+class AgentConnectClient < OpenIDConnect::Client
+ def initialize
+ super(AGENT_CONNECT)
+ end
+end
diff --git a/app/services/agent_connect_service.rb b/app/services/agent_connect_service.rb
index 1887d39f4..95d422f37 100644
--- a/app/services/agent_connect_service.rb
+++ b/app/services/agent_connect_service.rb
@@ -2,4 +2,15 @@ class AgentConnectService
 def self.enabled?
 ENV.fetch("AGENT_CONNECT_ENABLED", "enabled") == "enabled"
 end
+
+ def self.authorization_uri
+ client = AgentConnectClient.new
+
+ client.authorization_uri(
+ scope: [:openid, :email],
+ state: SecureRandom.hex(16),
+ nonce: SecureRandom.hex(16),
+ acr_values: 'eidas1'
+ )
+ end
 end
diff --git a/config/routes.rb b/config/routes.rb
index 738af7695..fa89733a0 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -131,6 +131,7 @@ Rails.application.routes.draw do
 namespace :agent_connect do
 get '' => 'agent#index'
+ get 'login' => 'agent#login'
 end
 namespace :champs do
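Review bot: The new `login` action is not gated on `AgentConnectService.enabled?`, although that switch sits in the same service. As far as this diff shows, neither the controller nor the `namespace :agent_connect` routes consult it. With `AGENT_CONNECT_ENABLED` set to anything other than `enabled`, a request to `agent_connect/login` would still start an authorization flow against the provider. A guard at the top of the controller would close this, for example `before_action { head :not_found unless AgentConnectService.enabled? }`, unless the check already lives in `ApplicationController`, which is not visible here.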
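Review bot: `super(AGENT_CONNECT)` depends on a global constant that is not defined anywhere in this diff, so a reader of `AgentConnectClient` cannot tell what the client is configured with or where its secret comes from. A comment above the class would help, such as `# AGENT_CONNECT: OpenID Connect client settings (identifier, secret, redirect_uri, endpoints), defined in <initializer path>`. If that hash carries the client secret, it is worth confirming it is read from the environment or encrypted credentials rather than committed.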
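Review bot: `state` and `nonce` are generated inside `authorization_uri` and then thrown away, so the application keeps no copy to compare against when the provider redirects back. Without the stored `state` the callback cannot reject a response the user did not initiate (login CSRF), and without the stored `nonce` it cannot bind the ID token to this request (replay). The method should return both values with the URI, and `AgentController#login` in the first hunk should keep them in the session (or an encrypted cookie) before redirecting. The callback, not part of this diff, would then compare them and discard them after one use.

```ruby
def self.authorization_uri
  client = AgentConnectClient.new

  # Keep the values so the caller can persist them for the callback to verify.
  state = SecureRandom.hex(16)
  nonce = SecureRandom.hex(16)

  uri = client.authorization_uri(
    scope: [:openid, :email],
    state: state,
    nonce: nonce,
    acr_values: 'eidas1'
  )

  [uri, state, nonce]
end
```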