diff --git a/stirling/secrets.yaml b/stirling/secrets.yaml
new file mode 100644
index 0000000..fb8ed74
--- /dev/null
+++ b/stirling/secrets.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: stirling-auth
+  namespace: stirling
+type: Opaque
+stringData:
+  initialUsername: admin
+  initialPassword: 4IsTheMindKiller
+  oauthClientId: yOhynUW5LD5VHwA5Vu5gSVU3ztv4zEu8rWXr1NuL
+  oauthClientSecret: FwHmRQ7NJS3RZeQBp2qICE0fP5feVmOfhhsEJFzXwHVEa5Yya4n3u5903fWtcC7XLeS46ggVFAqYUxU2u7lPU6YaTxIsoHFKjz4SkVYhKOrDGJxjDwLyqB58Cx9ItVGJ
\ No newline at end of file
diff --git a/stirling/stirling.yaml b/stirling/stirling.yaml
index a49f75b..75e0fc6 100644
--- a/stirling/stirling.yaml
+++ b/stirling/stirling.yaml
@@ -93,22 +93,76 @@ spec:
           env:
             - name: SERVER_ADDRESS
               value: "::"
+
             - name: SECURITY_ENABLELOGIN
               value: "true"
+
+            - name: SECURITY_LOGINMETHOD
+              value: "all"
+
             - name: SECURITY_INITIALLOGIN_USERNAME
-              value: "admin"
+              valueFrom:
+                secretKeyRef:
+                  name: stirling-auth
+                  key: initialUsername
+
             - name: SECURITY_INITIALLOGIN_PASSWORD
-              value: "change-me-now"
+              valueFrom:
+                secretKeyRef:
+                  name: stirling-auth
+                  key: initialPassword
+
+            - name: SECURITY_OAUTH2_ENABLED
+              value: "true"
+
+            - name: SECURITY_OAUTH2_ISSUER
+              value: "https://auth.apps.undercloud.dev/application/o/stirling-pdf/"
+
+            - name: SECURITY_OAUTH2_CLIENTID
+              valueFrom:
+                secretKeyRef:
+                  name: stirling-auth
+                  key: oauthClientId
+
+            - name: SECURITY_OAUTH2_CLIENTSECRET
+              valueFrom:
+                secretKeyRef:
+                  name: stirling-auth
+                  key: oauthClientSecret
+
+            - name: SECURITY_OAUTH2_SCOPES
+              value: "openid,profile,email"
+
+            - name: SECURITY_OAUTH2_USEASUSERNAME
+              value: "preferred_username"
+
+            - name: SECURITY_OAUTH2_PROVIDER
+              value: "authentik"
+
+            - name: SECURITY_OAUTH2_AUTOCREATEUSER
+              value: "true"
+
+            - name: SECURITY_OAUTH2_BLOCKREGISTRATION
+              value: "false"
+
             - name: LANGS
               value: "en_GB,de_DE,fr_FR"
+
             - name: SYSTEM_DEFAULTLOCALE
               value: "en-GB"
+
             - name: SYSTEM_GOOGLEVISIBILITY
               value: "false"
+
             - name: SYSTEM_ROOTURIPATH
               value: "/"
+
+            - name: SYSTEM_BACKENDURL
+              value: "https://pdf.apps.undercloud.dev"
+
             - name: SYSTEM_MAXFILESIZE
-              value: "2000"
+              value: "999"
+
             - name: SYSTEM_CUSTOMSTATICFILEPATH
               value: "/customFiles/static/"
           volumeMounts: