diff --git a/deploy/.env.example b/deploy/.env.example
index 59f63e9c..eb9b4143 100644
--- a/deploy/.env.example
+++ b/deploy/.env.example
@@ -26,6 +26,7 @@ ODP_MAIL_PASSWORD=
 
 # Identity service
 ODP_IDENTITY_FLASK_KEY=xxxxx
+ODP_IDENTITY_NCCRD_BRAND_CLIENT_ID=SAEON.NCCIS
 
 # Admin service
 ODP_ADMIN_UI_FLASK_KEY=xxxxx
diff --git a/deploy/README.md b/deploy/README.md
index 4cd463f9..2739d069 100644
--- a/deploy/README.md
+++ b/deploy/README.md
@@ -19,6 +19,7 @@ containing the following environment variables:
 - **`ODP_MAIL_USERNAME`**: SMTP account email
 - **`ODP_MAIL_PASSWORD`**: SMTP account password
 - **`ODP_IDENTITY_FLASK_KEY`**: Flask secret key for the ODP identity service
+- **`ODP_IDENTITY_NCCRD_BRAND_CLIENT_ID`**: OAuth2 client ID for the NCCRD, for DFFE branding
 - **`ODP_ADMIN_UI_FLASK_KEY`**: Flask secret key for the ODP admin service
 - **`ODP_ADMIN_UI_CLIENT_ID`**: OAuth2 client ID for the ODP admin service
 - **`ODP_ADMIN_UI_CLIENT_SECRET`**: OAuth2 client secret for the ODP admin service
diff --git a/deploy/docker-compose.yml b/deploy/docker-compose.yml
index e5711b48..31cba21d 100644
--- a/deploy/docker-compose.yml
+++ b/deploy/docker-compose.yml
@@ -33,6 +33,7 @@ services:
       - ODP_MAIL_PASSWORD
       - ODP_ADMIN_INSTITUTION=saeon
       - ODP_IDENTITY_LOGIN_EXPIRY=2592000
+      - ODP_IDENTITY_NCCRD_BRAND_CLIENT_ID
       - HYDRA_ADMIN_URL=${ODP_ADMIN_URL}/hydra
       - REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
       - GUNICORN_CMD_ARGS=--forwarded-allow-ips=*