diff --git a/.vscode/launch.json b/.vscode/launch.json
index c714629bd..18c415a07 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -54,6 +54,9 @@
                 // idp ldap
                 "IDM_IDPSVC_PASSWORD": "some-ldap-idp-password",
                 "IDP_LDAP_BIND_PASSWORD": "some-ldap-idp-password",
+                // storage users mount ID
+                "GATEWAY_STORAGE_USERS_MOUNT_ID": "storage-users-1",
+                "STORAGE_USERS_MOUNT_ID": "storage-users-1"
             }
         }
     ]
diff --git a/changelog/unreleased/mount-ids.md b/changelog/unreleased/mount-ids.md
new file mode 100644
index 000000000..18dce0ccf
--- /dev/null
+++ b/changelog/unreleased/mount-ids.md
@@ -0,0 +1,5 @@
+Bugfix: Make storage users mount ids unique by default
+
+The mount ID of the storage users provider needs to be unique by default. We made this value configurable and added it to ocis init to be sure that we have a random uuid v4. This is important for federated instances.
+
+https://github.com/owncloud/ocis/pull/5091
diff --git a/ocis/pkg/init/init.go b/ocis/pkg/init/init.go
index 429d35998..e039e5c74 100644
--- a/ocis/pkg/init/init.go
+++ b/ocis/pkg/init/init.go
@@ -110,7 +110,16 @@ type Sharing struct {
 }
 
 type StorageUsers struct {
-	Events Events
+	Events  Events
+	MountID string `yaml:"mount_id"`
+}
+
+type Gateway struct {
+	StorageRegistry StorageRegistry `yaml:"storage_registry"`
+}
+
+type StorageRegistry struct {
+	StorageUsersMountID string `yaml:"storage_users_mount_id"`
 }
 
 type Notifications struct {
@@ -160,6 +169,7 @@ type OcisConfig struct {
 	StorageUsers      StorageUsers `yaml:"storage_users"`
 	Notifications     Notifications
 	Nats              Nats
+	Gateway           Gateway
 }
 
 func checkConfigPath(configPath string) error {
@@ -210,6 +220,7 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin
 
 	systemUserID := uuid.Must(uuid.NewV4()).String()
 	adminUserID := uuid.Must(uuid.NewV4()).String()
+	storageUsersMountID := uuid.Must(uuid.NewV4()).String()
 
 	idmServicePassword, err := generators.GenerateRandomPassword(passwordLength)
 	if err != nil {
@@ -307,6 +318,14 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin
 				TransferSecret: thumbnailsTransferSecret,
 			},
 		},
+		Gateway: Gateway{
+			StorageRegistry: StorageRegistry{
+				StorageUsersMountID: storageUsersMountID,
+			},
+		},
+		StorageUsers: StorageUsers{
+			MountID: storageUsersMountID,
+		},
 	}
 
 	if insecure {
diff --git a/services/gateway/pkg/config/config.go b/services/gateway/pkg/config/config.go
index 8a9829df5..ab49933d1 100644
--- a/services/gateway/pkg/config/config.go
+++ b/services/gateway/pkg/config/config.go
@@ -80,9 +80,10 @@ type GRPCConfig struct {
 }
 
 type StorageRegistry struct {
-	Driver string   `yaml:"driver"` //TODO: configure via env?
-	Rules  []string `yaml:"rules"`  //TODO: configure via env?
-	JSON   string   `yaml:"json"`   //TODO: configure via env?
+	Driver              string   `yaml:"driver"` //TODO: configure via env?
+	Rules               []string `yaml:"rules"`  //TODO: configure via env?
+	JSON                string   `yaml:"json"`   //TODO: configure via env?
+	StorageUsersMountID string   `yaml:"storage_users_mount_id" env:"GATEWAY_STORAGE_USERS_MOUNT_ID" desc:"Mount ID of this storage. This ID needs to be unique."`
 }
 
 // Cache holds cache config
diff --git a/services/gateway/pkg/config/parser/parse.go b/services/gateway/pkg/config/parser/parse.go
index aea69ba8c..7ca0fddc1 100644
--- a/services/gateway/pkg/config/parser/parse.go
+++ b/services/gateway/pkg/config/parser/parse.go
@@ -2,13 +2,14 @@ package parser
 
 import (
 	"errors"
+	"fmt"
 
 	ociscfg "github.com/owncloud/ocis/v2/ocis-pkg/config"
+	defaults2 "github.com/owncloud/ocis/v2/ocis-pkg/config/defaults"
+	"github.com/owncloud/ocis/v2/ocis-pkg/config/envdecode"
 	"github.com/owncloud/ocis/v2/ocis-pkg/shared"
 	"github.com/owncloud/ocis/v2/services/gateway/pkg/config"
 	"github.com/owncloud/ocis/v2/services/gateway/pkg/config/defaults"
-
-	"github.com/owncloud/ocis/v2/ocis-pkg/config/envdecode"
 )
 
 // ParseConfig loads configuration from known paths.
@@ -42,5 +43,13 @@ func Validate(cfg *config.Config) error {
 		return shared.MissingRevaTransferSecretError(cfg.Service.Name)
 	}
 
+	if cfg.StorageRegistry.StorageUsersMountID == "" {
+		return fmt.Errorf("The storage users mount ID has not been configured for %s. "+
+			"Make sure your %s config contains the proper values "+
+			"(e.g. by running ocis init or setting it manually in "+
+			"the config/corresponding environment variable).",
+			"gateway", defaults2.BaseConfigPath())
+	}
+
 	return nil
 }
diff --git a/services/gateway/pkg/revaconfig/config.go b/services/gateway/pkg/revaconfig/config.go
index 30d531f91..6278dbbb5 100644
--- a/services/gateway/pkg/revaconfig/config.go
+++ b/services/gateway/pkg/revaconfig/config.go
@@ -123,11 +123,10 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 		}
 		return rules
 	}
-
 	// generate rules based on default config
 	return map[string]map[string]interface{}{
 		cfg.StorageUsersEndpoint: {
-			"providerid": "1284d238-aa92-42ce-bdc4-0b0000009157",
+			"providerid": cfg.StorageRegistry.StorageUsersMountID,
 			"spaces": map[string]interface{}{
 				"personal": map[string]interface{}{
 					"mount_point":   "/users",
diff --git a/services/storage-users/pkg/config/defaults/defaultconfig.go b/services/storage-users/pkg/config/defaults/defaultconfig.go
index 66c1be903..8cef442bd 100644
--- a/services/storage-users/pkg/config/defaults/defaultconfig.go
+++ b/services/storage-users/pkg/config/defaults/defaultconfig.go
@@ -39,7 +39,6 @@ func DefaultConfig() *config.Config {
 		},
 		Reva:             shared.DefaultRevaConfig(),
 		DataServerURL:    "http://localhost:9158/data",
-		MountID:          "1284d238-aa92-42ce-bdc4-0b0000009157",
 		UploadExpiration: 24 * 60 * 60,
 		Driver:           "ocis",
 		Drivers: config.Drivers{
diff --git a/services/storage-users/pkg/config/parser/parse.go b/services/storage-users/pkg/config/parser/parse.go
index 049a504ab..9347c621e 100644
--- a/services/storage-users/pkg/config/parser/parse.go
+++ b/services/storage-users/pkg/config/parser/parse.go
@@ -2,8 +2,10 @@ package parser
 
 import (
 	"errors"
+	"fmt"
 
 	ociscfg "github.com/owncloud/ocis/v2/ocis-pkg/config"
+	defaults2 "github.com/owncloud/ocis/v2/ocis-pkg/config/defaults"
 	"github.com/owncloud/ocis/v2/ocis-pkg/shared"
 	"github.com/owncloud/ocis/v2/services/storage-users/pkg/config"
 	"github.com/owncloud/ocis/v2/services/storage-users/pkg/config/defaults"
@@ -38,5 +40,12 @@ func Validate(cfg *config.Config) error {
 		return shared.MissingJWTTokenError(cfg.Service.Name)
 	}
 
+	if cfg.MountID == "" {
+		return fmt.Errorf("The storage users mount ID has not been configured for %s. "+
+			"Make sure your %s config contains the proper values "+
+			"(e.g. by running ocis init or setting it manually in "+
+			"the config/corresponding environment variable).",
+			"storage-users", defaults2.BaseConfigPath())
+	}
 	return nil
 }