diff --git a/freeleaps/helm-pkg/authentication/templates/authentication/deployment.yaml b/freeleaps/helm-pkg/authentication/templates/authentication/deployment.yaml index 214924f8..7207d492 100644 --- a/freeleaps/helm-pkg/authentication/templates/authentication/deployment.yaml +++ b/freeleaps/helm-pkg/authentication/templates/authentication/deployment.yaml @@ -100,13 +100,16 @@ spec: {{- end}} env: {{- range $key, $value := .Values.authentication.configs }} + {{- if not (or (eq $key "jwtSecretKey") (eq $key "mongodbUri")) }} - name: {{ $key | snakecase | upper }} valueFrom: secretKeyRef: name: authentication-config key: {{ $key | snakecase | upper }} {{- end }} + {{- end }} # inject from secret created by FreeleapsSecret object + {{- if .Values.authentication.secrets }} {{ $targetSecretName := .Values.authentication.secrets.target.name }} {{- range .Values.authentication.secrets.data }} - name: {{ .key | snakecase | upper }} @@ -115,6 +118,7 @@ spec: name: {{ $targetSecretName }} key: {{ .key }} {{- end }} + {{- end }} {{- if .Values.logIngest.enabled }} volumeMounts: - name: app-logs diff --git a/freeleaps/helm-pkg/authentication/values.prod.yaml b/freeleaps/helm-pkg/authentication/values.prod.yaml index 68d37014..cf290612 100644 --- a/freeleaps/helm-pkg/authentication/values.prod.yaml +++ b/freeleaps/helm-pkg/authentication/values.prod.yaml 
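Review bot: The skip condition added inside the `configs` range hard-codes `jwtSecretKey` and `mongodbUri`, while the second hunk of this file makes the secret-store injection conditional on `.Values.authentication.secrets`, so the two can disagree. With `secrets` unset, these two blocks give the container neither `JWT_SECRET_KEY` nor `MONGODB_URI`. A key that is later added to `secrets.data` but still present in `configs` would be emitted twice under the same env name. Building the skip list from `secrets.data` keeps a single source of truth. The `env:` block starts and ends outside both hunks, so the placement below needs checking against the full template.

```yaml
env:
{{- $externalKeys := list }}
{{- if .Values.authentication.secrets }}
{{- range .Values.authentication.secrets.data }}
{{- $externalKeys = append $externalKeys .key }}
{{- end }}
{{- end }}
{{- range $key, $value := .Values.authentication.configs }}
{{- if not (has $key $externalKeys) }}
# … unchanged: authentication-config secretKeyRef entry …
{{- end }}
{{- end }}
```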
@@ -66,15 +66,30 @@ authentication: appName: authentication devsvcWebapiUrlBase: http://devsvc-service.freeleaps-prod.svc.freeleaps.cluster:8007/api/devsvc/ notificationWebapiUrlBase: http://notification-service.freeleaps-prod.svc.freeleaps.cluster:8003/api/notification/ - jwtSecretKey: ea84edf152976b2fcec12b78aa8e45bc26a5cf0ef61bf16f5c317ae33b3fd8b0 jwtAlgorithm: HS256 serviceApiAccessHost: 0.0.0.0 serviceApiAccessPort: 8004 mongodbName: freeleaps2 mongodbPort: 27017 - mongodbUri: mongodb+srv://freeadmin:0eMV0bt8oyaknA0m@freeleaps2.zmsmpos.mongodb.net/?retryWrites=true&w=majority metricsEnabled: 'true' probesEnabled: 'true' + secrets: + secretStoreRef: + kind: FreeleapsSecretStore + name: freeleaps-main-secret-store + target: + name: "freeleaps-authentication-prod-secrets" + creationPolicy: "Owner" + refreshInterval: 30s + data: + - key: jwtSecretKey + remoteRef: + key: "freeleaps-prod-jwt-secret-key" + type: Secret + - key: mongodbUri + remoteRef: + key: "freeleaps-prod-mongodb-uri" + type: Secret vpa: minAllowed: enabled: true diff --git a/freeleaps/helm-pkg/authentication/values.yaml b/freeleaps/helm-pkg/authentication/values.yaml index 1a5b9910..62fdc64b 100644 --- a/freeleaps/helm-pkg/authentication/values.yaml +++ b/freeleaps/helm-pkg/authentication/values.yaml @@ -84,6 +84,24 @@ authentication: metricsEnabled: "false" # PROBES_ENABLED probesEnabled: "false" + # AKV secrets configuration + secrets: + secretStoreRef: + kind: FreeleapsSecretStore + name: freeleaps-main-secret-store + target: + name: "freeleaps-authentication-secrets" + creationPolicy: "Owner" + refreshInterval: 30s + data: + - key: jwtSecretKey + remoteRef: + key: "freeleaps-jwt-secret-key" + type: Secret + - key: mongodbUri + remoteRef: + key: "freeleaps-mongodb-uri" + type: Secret vpa: minAllowed: enabled: false
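Review bot: Deleting `jwtSecretKey` and the credentialed `mongodbUri` from values.prod.yaml leaves both values readable in the repository history, so the change is only complete once they are rotated. The HS256 signing key and the password of the MongoDB account in the removed URI should be replaced, and the entries stored under `freeleaps-prod-jwt-secret-key` and `freeleaps-prod-mongodb-uri` should hold the new values rather than the ones removed here. Until the key changes, anyone who has read access to the history can still produce tokens that verify. I would also add a comment above `secrets:`, for example `# jwtSecretKey and mongodbUri are supplied by the secret store; never set them under configs`.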
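Review bot: The `# AKV secrets configuration` comment in values.yaml does not say how `data[].key` reaches the container or how it relates to `configs`. According to the deployment template in this commit, each key becomes an env var named with `snakecase | upper` and is read from `target.name` under the original camelCase key. I would extend the comment to something like `# each data[].key is injected as SNAKE_UPPER env (jwtSecretKey -> JWT_SECRET_KEY) from target.name; do not also define it under configs`. The `configs` map sits above this hunk and is not visible here. If it still carries defaults for `jwtSecretKey` or `mongodbUri`, Helm's value merge would keep them in every environment, so they are worth removing there too.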