diff --git a/internal/process/provisioning/create_runtime_resource_step.go b/internal/process/provisioning/create_runtime_resource_step.go
index 448bde7790..466f1171f1 100644
--- a/internal/process/provisioning/create_runtime_resource_step.go
+++ b/internal/process/provisioning/create_runtime_resource_step.go
@@ -275,10 +275,15 @@ func (s *CreateRuntimeResourceStep) createNetworkingConfiguration(operation inte
 networkingParams = &internal.NetworkingDTO{}
 }
 
+ nodes := networking.DefaultNodesCIDR
+ if networkingParams.NodesCidr != "" {
+ nodes = networkingParams.NodesCidr
+ }
+
 return imv1.Networking{
 Pods: DefaultIfParamNotSet(networking.DefaultPodsCIDR, networkingParams.PodsCidr),
 Services: DefaultIfParamNotSet(networking.DefaultServicesCIDR, networkingParams.ServicesCidr),
- Nodes: DefaultIfParamZero(networking.DefaultNodesCIDR, networkingParams.NodesCidr),
+ Nodes: nodes,
 //TODO remove when KIM is ready with setting this value
 Type: ptr.String("calico"),
 }
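Review bot: `networkingParams.NodesCidr` is copied into `imv1.Networking.Nodes` as soon as it is non-empty, and nothing in this hunk parses it as a CIDR or checks it against the pod and service ranges set just below. Presumably the range is validated when the request is accepted; if so, record that next to the new block, e.g. `// NodesCidr is expected to be validated (format, overlap with pods/services) before this step; empty means "use the default"`. A short remark on why the generic `DefaultIfParamZero` was replaced by a hand-written check would also keep a later cleanup from folding it back in. The body of createNetworkingConfiguration starts and ends outside the hunk.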
@@ -307,12 +312,24 @@ func (s *CreateRuntimeResourceStep) createKubernetesConfiguration(operation inte
 UsernamePrefix: &s.oidcDefaultValues.UsernamePrefix,
 }
 if operation.ProvisioningParameters.Parameters.OIDC != nil {
- oidc.SigningAlgs = DefaultIfParamZero(oidc.SigningAlgs, operation.ProvisioningParameters.Parameters.OIDC.SigningAlgs)
- oidc.ClientID = DefaultIfParamZero(oidc.ClientID, &operation.ProvisioningParameters.Parameters.OIDC.ClientID)
- oidc.GroupsClaim = DefaultIfParamZero(oidc.GroupsClaim, &operation.ProvisioningParameters.Parameters.OIDC.GroupsClaim)
- oidc.IssuerURL = DefaultIfParamZero(oidc.IssuerURL, &operation.ProvisioningParameters.Parameters.OIDC.IssuerURL)
- oidc.UsernameClaim = DefaultIfParamZero(oidc.UsernameClaim, &operation.ProvisioningParameters.Parameters.OIDC.UsernameClaim)
- oidc.UsernamePrefix = DefaultIfParamZero(oidc.UsernamePrefix, &operation.ProvisioningParameters.Parameters.OIDC.UsernamePrefix)
+ if operation.ProvisioningParameters.Parameters.OIDC.ClientID != "" {
+ oidc.ClientID = &operation.ProvisioningParameters.Parameters.OIDC.ClientID
+ }
+ if operation.ProvisioningParameters.Parameters.OIDC.GroupsClaim != "" {
+ oidc.GroupsClaim = &operation.ProvisioningParameters.Parameters.OIDC.GroupsClaim
+ }
+ if operation.ProvisioningParameters.Parameters.OIDC.IssuerURL != "" {
+ oidc.IssuerURL = &operation.ProvisioningParameters.Parameters.OIDC.IssuerURL
+ }
+ if len(operation.ProvisioningParameters.Parameters.OIDC.SigningAlgs) > 0 {
+ oidc.SigningAlgs = operation.ProvisioningParameters.Parameters.OIDC.SigningAlgs
+ }
+ if operation.ProvisioningParameters.Parameters.OIDC.UsernameClaim != "" {
+ oidc.UsernameClaim = &operation.ProvisioningParameters.Parameters.OIDC.UsernameClaim
+ }
+ if operation.ProvisioningParameters.Parameters.OIDC.UsernamePrefix != "" {
+ oidc.UsernamePrefix = &operation.ProvisioningParameters.Parameters.OIDC.UsernamePrefix
+ }
 }
 
 return imv1.Kubernetes{
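Review bot: The OIDC override in createKubernetesConfiguration is merged field by field, so a request that sets only `IssuerURL` ends up with the caller's issuer paired with the default `ClientID`, `UsernameClaim` and signing algorithms, and the reverse holds for a request that sets only `ClientID`. For an authentication config that mix is easy to get wrong silently. Either document it at the top of the block, e.g. `// each OIDC field falls back to its default independently; IssuerURL and ClientID are not required to be set together`, or reject such requests where the parameters are validated, which is not visible in this hunk. The six branches also repeat the full selector; a local such as `custom := operation.ProvisioningParameters.Parameters.OIDC` would make them easier to audit. The function body starts and ends outside the hunk.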
diff --git a/internal/process/provisioning/create_runtime_resource_step_test.go b/internal/process/provisioning/create_runtime_resource_step_test.go
index 0566901d4e..f879b4fd4d 100644
--- a/internal/process/provisioning/create_runtime_resource_step_test.go
+++ b/internal/process/provisioning/create_runtime_resource_step_test.go
@@ -709,6 +709,36 @@ func Test_Defaults(t *testing.T) {
 assert.Equal(t, "initial value", nonEmpty)
 }
 
+func Test_DefaultsOnActualStructures(t *testing.T) {
+ //given
+ _, operation := fixInstanceAndOperation(broker.AzurePlanID, "westeurope", "platform-region")
+ oidc := defaultOIDSConfig
+
+ //when
+ operation.ProvisioningParameters.Parameters.OIDC = &internal.OIDCConfigDTO{
+ ClientID: "",
+ GroupsClaim: "gc-custom",
+ IssuerURL: "issuer-url-custom",
+ SigningAlgs: []string{},
+ UsernameClaim: "",
+ UsernamePrefix: "up-custom",
+ }
+
+ oidc.ClientID = DefaultIfParamZero(defaultOIDSConfig.ClientID, operation.ProvisioningParameters.Parameters.OIDC.ClientID)
+ oidc.GroupsClaim = DefaultIfParamZero(defaultOIDSConfig.GroupsClaim, operation.ProvisioningParameters.Parameters.OIDC.GroupsClaim)
+ oidc.IssuerURL = DefaultIfParamZero(defaultOIDSConfig.IssuerURL, operation.ProvisioningParameters.Parameters.OIDC.IssuerURL)
+ oidc.UsernameClaim = DefaultIfParamZero(defaultOIDSConfig.UsernameClaim, operation.ProvisioningParameters.Parameters.OIDC.UsernameClaim)
+ oidc.UsernamePrefix = DefaultIfParamZero(defaultOIDSConfig.UsernamePrefix, operation.ProvisioningParameters.Parameters.OIDC.UsernamePrefix)
+
+ //then
+ assert.Len(t, oidc.SigningAlgs, 1)
+ assert.Equal(t, defaultOIDSConfig.ClientID, oidc.ClientID)
+ assert.Equal(t, "gc-custom", oidc.GroupsClaim)
+ assert.Equal(t, "issuer-url-custom", oidc.IssuerURL)
+ assert.Equal(t, defaultOIDSConfig.UsernameClaim, oidc.UsernameClaim)
+ assert.Equal(t, "up-custom", oidc.UsernamePrefix)
+}
+
 // assertions
 
 func assertSecurityWithDefaultAdministrator(t *testing.T, runtime imv1.Runtime) {
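Review bot: `Test_DefaultsOnActualStructures` calls `DefaultIfParamZero` directly, while the same commit removes that helper from the OIDC and nodes-CIDR paths of the step, so the `if ... != ""` branches that now run in production are not exercised by this test. `SigningAlgs: []string{}` is also never passed through any defaulting: `assert.Len(t, oidc.SigningAlgs, 1)` only checks the copy of `defaultOIDSConfig` taken at the top. Driving the step's createKubernetesConfiguration with this operation and asserting on the OIDC config it returns would cover the empty `ClientID`, `UsernameClaim` and `SigningAlgs` fallbacks that the authentication setup depends on.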