Check to see if the OidcClientConfigurationBuilder#sanitizeProviderUrl method is actually needed. It's currently called when setting the providerUrl here.

It seems that Azure relies on the trailing slash being present as described in this forum post: https://groups.google.com/g/wildfly/c/Jez_5ieZHkE/m/2nrWF0ONAQAJ

The presence of a trailing slash is already accounted for when determining the discovery URL so it might be possible to remove the call to sanitizeProviderUrl (see https://github.com/wildfly-security/wildfly-elytron/blob/1.x/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfiguration.java#L256-L280).