diff --git a/services/50-komga/apache/apache.conf b/services/50-komga/apache/apache.conf
index 679b729..5391664 100644
--- a/services/50-komga/apache/apache.conf
+++ b/services/50-komga/apache/apache.conf
@@ -1,4 +1,12 @@
 
 # Konga
 ProxyPass /komga http://komga:25600/komga retry=0 keepalive=On
-ProxyPassReverse /komga http://komga:25600/komga retry=0
\ No newline at end of file
+ProxyPassReverse /komga http://komga:25600/komga retry=0
+
+<LocationMatch "^/komga/login$">
+    Redirect 302 /komga/oauth2/authorization/keycloak
+</LocationMatch>
+
+<LocationMatch "^/komga/login?redirect=%2Fdashboard$">
+    Redirect 302 /komga/oauth2/authorization/keycloak
+</LocationMatch>
\ No newline at end of file
diff --git a/services/50-komga/env/.env b/services/50-komga/env/.env
index 1d56134..ca95f57 100644
--- a/services/50-komga/env/.env
+++ b/services/50-komga/env/.env
@@ -3,3 +3,4 @@
 
 TZ=Europe/Paris
 SERVER_SERVLET_CONTEXT_PATH=/komga
+KOMGA_OAUTH2_ACCOUNT_CREATION=1
\ No newline at end of file
diff --git a/services/50-komga/tmpl/application.yml b/services/50-komga/tmpl/application.yml
index 5c7893d..002cb91 100644
--- a/services/50-komga/tmpl/application.yml
+++ b/services/50-komga/tmpl/application.yml
@@ -6,7 +6,7 @@ spring:
           keycloak:
             provider: keycloak # this must match the provider below
             client-id: komga
-            client-secret: XXJQwHX4YEQJpGez3nymBh6PgSby3fz9
+            client-secret: changeme
             client-name: keycloak
             scope: openid,email
             authorization-grant-type: authorization_code
@@ -26,4 +26,6 @@ spring:
     enabled: false
   webclient:
     ssl:
-      trust-all: true            
\ No newline at end of file
+      trust-all: true            
+komga:
+  oauth2-account-creation: true   
\ No newline at end of file