diff --git a/qtc-net-server/Program.cs b/qtc-net-server/Program.cs
index 08664f5..609bafd 100644
--- a/qtc-net-server/Program.cs
+++ b/qtc-net-server/Program.cs
@@ -54,9 +54,12 @@ builder.Services.AddAuthentication().AddJwtBearer(options =>
         ValidateLifetime = true,
         ValidateIssuerSigningKey = true,
         ValidIssuer = builder.Configuration["Jwt:Issuer"],
-        ValidAudience = builder.Configuration["Jwt:Audience"],
-        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]!))
+        ValidAudience = builder.Configuration["Jwt:Audience"]
     };
+
+    if (!string.IsNullOrEmpty(Environment.GetEnvironmentVariable("JWT_KEY")))
+        options.TokenValidationParameters.IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("JWT_KEY")!));
+    else options.TokenValidationParameters.IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"]!));
 });
 builder.Services.AddScoped<IUserService, UserService>();
 builder.Services.AddScoped<ITokenService, TokenService>();
diff --git a/qtc-net-server/appsettings.json b/qtc-net-server/appsettings.json
index 154de67..be2fc5c 100644
--- a/qtc-net-server/appsettings.json
+++ b/qtc-net-server/appsettings.json
@@ -1,6 +1,5 @@
 {
   "Jwt": {
-    "Key": "bgpLLhY2L2UeZN3sj6WwSzScFmY3JgWfs33ZEJNcaPzC2TEnfZz",
     "Issuer": "http://localhost",
     "Audience": "http://localhost",
     "DefaultUserRole": "User"