diff --git a/init/sync.sh b/init/sync.sh
index c276fd1..4f93d4b 100755
--- a/init/sync.sh
+++ b/init/sync.sh
@@ -333,6 +333,18 @@ if realm_exists ecosplay; then
         '["https://ticket.e-cosplay.fr/api/auth/login/sso/validate","https://cos.local/api/auth/login/sso/validate","https://ticket.e-cosplay.fr/connection/sso/check","https://cos.local/connection/sso/check"]' \
         '["https://ticket.e-cosplay.fr","https://cos.local"]' \
         'https://ticket.e-cosplay.fr/*##https://cos.local/*'
+
+    log "Reconciling ecosplay_code client"
+    ensure_client ecosplay ecosplay_code "E-Cosplay Code" \
+        "Forge de code (Gitea) - login SSO via esy_lock provider" \
+        "change-me-in-admin-console" \
+        '["https://code.e-cosplay.fr/user/oauth2/esy_lock/callback","https://cos.local/user/oauth2/esy_lock/callback"]' \
+        '["https://code.e-cosplay.fr","https://cos.local"]' \
+        'https://code.e-cosplay.fr/*##https://cos.local/*'
+    set_client_uris ecosplay ecosplay_code \
+        '["https://code.e-cosplay.fr/user/oauth2/esy_lock/callback","https://cos.local/user/oauth2/esy_lock/callback"]' \
+        '["https://code.e-cosplay.fr","https://cos.local"]' \
+        'https://code.e-cosplay.fr/*##https://cos.local/*'
 else
     warn "ecosplay realm not found — will be imported on next boot"
 fi
diff --git a/realms/ecosplay-realm.json b/realms/ecosplay-realm.json
index 548d20b..bd3f313 100644
--- a/realms/ecosplay-realm.json
+++ b/realms/ecosplay-realm.json
@@ -117,6 +117,32 @@
         "pkce.code.challenge.method": "S256"
       }
     },
+    {
+      "clientId": "ecosplay_code",
+      "name": "E-Cosplay Code",
+      "description": "Forge de code (Gitea) - login SSO via esy_lock provider",
+      "enabled": true,
+      "publicClient": false,
+      "secret": "change-me-in-admin-console",
+      "redirectUris": [
+        "https://code.e-cosplay.fr/user/oauth2/esy_lock/callback",
+        "https://cos.local/user/oauth2/esy_lock/callback"
+      ],
+      "webOrigins": [
+        "https://code.e-cosplay.fr",
+        "https://cos.local"
+      ],
+      "protocol": "openid-connect",
+      "standardFlowEnabled": true,
+      "implicitFlowEnabled": false,
+      "directAccessGrantsEnabled": false,
+      "serviceAccountsEnabled": false,
+      "frontchannelLogout": true,
+      "attributes": {
+        "post.logout.redirect.uris": "https://code.e-cosplay.fr/*##https://cos.local/*",
+        "pkce.code.challenge.method": "S256"
+      }
+    },
     {
       "clientId": "eticket",
       "name": "E-Ticket",