diff --git a/backend/webapi/Extensions/ClaimsPrincipalExtensions.cs b/backend/webapi/Extensions/ClaimsPrincipalExtensions.cs
index c1691575c..0a07e8b8a 100644
--- a/backend/webapi/Extensions/ClaimsPrincipalExtensions.cs
+++ b/backend/webapi/Extensions/ClaimsPrincipalExtensions.cs
@@ -45,9 +45,23 @@ public static Guid GetUserId(this ClaimsPrincipal? user)
 public static string? GetIdentityProvider(this ClaimsPrincipal? user) => user?.FindFirstValue(Claims.IdentityProvider);

 ///
- /// Returns the Identity Provider ID of the User, or null if User is null
+ /// Returns the Identity Provider ID of the User, or null if User is null.
+ /// Trims "@bcp" off the end if the Identity Provider is BC Provider.
 ///
- public static string? GetIdpId(this ClaimsPrincipal? user) => user?.FindFirstValue(Claims.PreferredUsername);
+ public static string? GetIdpId(this ClaimsPrincipal? user)
+ {
+ var idpId = user?.FindFirstValue(Claims.PreferredUsername);
+
+ if (idpId != null
+ && user.GetIdentityProvider() == IdentityProviders.BCProvider
+ && idpId.EndsWith("@bcp", StringComparison.InvariantCultureIgnoreCase))
+ {
+ // Keycloak adds "@" at the end of the IDP ID, and for BC Providers this won't match what we have in the DB if we don't trim it.
+ idpId = idpId[..^4];
+ }
+
+ return idpId;
+ }

 ///
 /// Parses the Resource Access claim and returns the roles for the given resource
diff --git a/backend/webapi/Features/CommonDomainEventHandlers/PlrCpnLookupFoundHandlers.cs b/backend/webapi/Features/CommonDomainEventHandlers/PlrCpnLookupFoundHandlers.cs
index 11ad68edc..f1f8a4fc4 100644
--- a/backend/webapi/Features/CommonDomainEventHandlers/PlrCpnLookupFoundHandlers.cs
+++ b/backend/webapi/Features/CommonDomainEventHandlers/PlrCpnLookupFoundHandlers.cs
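Review bot: The suffix test in the new `GetIdpId` uses `StringComparison.InvariantCultureIgnoreCase`, a linguistic comparison, while the next statement `idpId[..^4]` assumes that exactly four trailing characters matched. A culture-aware `EndsWith` can report a match when the string ends in characters the culture rules ignore or treat as equivalent, so the slice could then remove the wrong characters from an identifier that is used for credential lookup; `&& idpId.EndsWith("@bcp", StringComparison.OrdinalIgnoreCase))` keeps the test and the slice in agreement. The inline comment as shown says Keycloak adds `"@"` whereas the code strips `"@bcp"`, so I would write it as `// Keycloak appends "@bcp" to the IDP ID for BC Provider; trim it so the value matches the DB.` Because this normalisation now applies to every caller of `GetIdpId` and not only to Discovery, any caller outside this diff that compares against or sends back the raw Keycloak value should be checked.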
@@ -61,7 +61,7 @@ public async Task Handle(PlrCpnLookupFound notification, CancellationToken cance
 if (await this.keycloakClient.AssignAccessRoles(userId, MohKeycloakEnrolment.PractitionerLicenceStatus))
 {
 this.context.BusinessEvents.Add(LicenceStatusRoleAssigned.Create(notification.PartyId, MohKeycloakEnrolment.PractitionerLicenceStatus, this.clock.GetCurrentInstant()));
- };
+ }
 }
 }
 }
diff --git a/backend/webapi/Features/Discovery/Discovery.cs b/backend/webapi/Features/Discovery/Discovery.cs
index 3e94f9d70..b6509b973 100644
--- a/backend/webapi/Features/Discovery/Discovery.cs
+++ b/backend/webapi/Features/Discovery/Discovery.cs
@@ -6,7 +6,6 @@ namespace Pidp.Features.Discovery;

 using Pidp.Data;
 using Pidp.Extensions;
-using Pidp.Infrastructure.Auth;
 using Pidp.Models;

 public class Discovery
@@ -26,15 +25,6 @@ public async Task> HandleAsync(Command command)
 {
 var lowerIdpId = command.User.GetIdpId()?.ToLowerInvariant();

- // TODO: consider a more general approach for this; maybe in User.GetIdpId()?
- if (command.User.GetIdentityProvider() == IdentityProviders.BCProvider
- && lowerIdpId != null
- && lowerIdpId.EndsWith("@bcp", StringComparison.InvariantCulture))
- {
- // Keycloak adds "@bcp" at the end of the IDP ID, and so won't match what we have in the DB if we don't trim it.
- lowerIdpId = lowerIdpId[..^4];
- }
-
 #pragma warning disable CA1304 // ToLower() is Locale Dependant
 var credential = await this.context.Credentials
 .SingleOrDefaultAsync(credential => credential.UserId == command.User.GetUserId()
diff --git a/backend/webapi/Infrastructure/HttpClients/BCProvider/BCProviderApiDefinitions.cs b/backend/webapi/Infrastructure/HttpClients/BCProvider/BCProviderApiDefinitions.cs
index 7020680ba..2ead36c12 100644
--- a/backend/webapi/Infrastructure/HttpClients/BCProvider/BCProviderApiDefinitions.cs
+++ b/backend/webapi/Infrastructure/HttpClients/BCProvider/BCProviderApiDefinitions.cs
@@ -33,7 +33,7 @@ public class BCProviderAttributes

 public static BCProviderAttributes FromNewUser(string clientId, NewUserRepresentation representation)
 {
- var attributes = new BCProviderAttributes(clientId)
+ var newAttributes = new BCProviderAttributes(clientId)
 .SetEndorserData(representation.EndorserData)
 .SetHpdid(representation.Hpdid)
 .SetIsMd(representation.IsMd)
@@ -45,10 +45,10 @@ public static BCProviderAttributes FromNewUser(string clientId, NewUserRepresent

 if (!string.IsNullOrWhiteSpace(representation.Cpn))
 {
- attributes.SetCpn(representation.Cpn);
+ newAttributes.SetCpn(representation.Cpn);
 }

- return attributes;
+ return newAttributes;
 }

 public Dictionary AsAdditionalData() => this.attributes;