diff --git a/roles/custom/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml
index 47df0834b..000e91fd6 100644
--- a/roles/custom/matrix-synapse/tasks/validate_config.yml
+++ b/roles/custom/matrix-synapse/tasks/validate_config.yml
@@ -210,7 +210,7 @@
 - name: Fail if OpenID Connect is enabled for Synapse when auth is delegated to Matrix Authentication Service
 ansible.builtin.fail:
 msg: "When Synapse is delegating authentication to Matrix Authentication Service (`matrix_synapse_matrix_authentication_service_enabled: true`), it doesn't make sense to enable OpenID Connect (`matrix_synapse_oidc_enabled: true`), because it is not Synapse that is handling authentication. Synapse will refuse to start otherwise."
- when: matrix_synapse_matrix_authentication_service_enabled and matrix_synapse_oidc_enabled
+ when: matrix_synapse_matrix_authentication_service_enabled and matrix_synapse_oidc_enabled and not matrix_authentication_service_migration_in_progress
 - name: Fail if CAS config is enabled for Synapse when auth is delegated to Matrix Authentication Service
 ansible.builtin.fail:
diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
index 25585fafd..f5d85d328 100644
--- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
@@ -2987,7 +2987,7 @@ background_updates:
 #default_batch_size: 50
-{% if matrix_synapse_matrix_authentication_service_enabled %}
+{% if matrix_synapse_matrix_authentication_service_enabled and not matrix_authentication_service_migration_in_progress %}
 matrix_authentication_service:
 enabled: true
 endpoint: {{ matrix_synapse_matrix_authentication_service_endpoint | to_json }}
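Review bot: The new `and not matrix_authentication_service_migration_in_progress` conjunct on the `when:` line reads a variable without the `matrix_synapse_` prefix, so it probably belongs to another role; unless this role's defaults define it (not visible in this diff), an undefined value makes the condition error out instead of evaluating to false. The same reference appears in the `{% if %}` changed in `homeserver.yaml.j2`. Consider `and not (matrix_authentication_service_migration_in_progress | default(false))`, or a `matrix_synapse_`-prefixed variable wired up from group vars. The flag also lifts this guard for as long as it stays true, so a flag left set after the migration keeps OIDC login inside Synapse with no warning; a comment above the task would record that, e.g. `# Skipped during the MAS migration: Synapse still handles logins until matrix_authentication_service_migration_in_progress is cleared.`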
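Review bot: While `matrix_authentication_service_migration_in_progress` is true, the changed `{% if %}` omits the whole `matrix_authentication_service:` block, so the rendered homeserver.yaml is indistinguishable from one where delegation was never enabled, even though `matrix_synapse_matrix_authentication_service_enabled` is still true. Someone auditing the live config cannot tell that Synapse is deliberately still authenticating users itself. A template comment above the condition would record the intent, e.g. `{# Delegation to MAS is withheld while a migration is in progress; Synapse keeps handling logins until the flag is cleared. #}`. The `{% if %}` block continues past the end of the hunk, so any further settings inside it are not visible here.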