diff --git a/auth/auth.nix b/auth/auth.nix
index 246a09d..75da8f5 100644
--- a/auth/auth.nix
+++ b/auth/auth.nix
@@ -100,6 +100,12 @@ lib.mkIf config.selfprivacy.sso.enable {
     )
   ];
 
+  networking.hosts = {
+    # Allow the services to communicate with kanidm even if
+    # there is no DNS record yet
+    "127.0.0.1" = [ auth-fqdn ];
+  };
+
 
   # kanidm uses TLS in internal connection with nginx too
   # FIXME revise this: maybe kanidm must not have access to a public TLS