diff --git a/src/main/java/eu/m724/mstats/auth/MyHttpAuthenticationMechanism.java b/src/main/java/eu/m724/mstats/auth/MyHttpAuthenticationMechanism.java index ff2dd2a..08924dc 100644 --- a/src/main/java/eu/m724/mstats/auth/MyHttpAuthenticationMechanism.java +++ b/src/main/java/eu/m724/mstats/auth/MyHttpAuthenticationMechanism.java @@ -1,6 +1,7 @@ package eu.m724.mstats.auth; import eu.m724.mstats.orm.Server; +import io.quarkus.logging.Log; import io.quarkus.security.identity.IdentityProviderManager; import io.quarkus.security.identity.SecurityIdentity; import io.quarkus.security.runtime.QuarkusPrincipal; @@ -14,7 +15,11 @@ import jakarta.annotation.Priority; import jakarta.enterprise.context.ApplicationScoped; import jakarta.enterprise.inject.Alternative; import jakarta.inject.Inject; +import org.eclipse.microprofile.config.ConfigProvider; +import java.util.Base64; +import java.util.Optional; +import java.util.concurrent.ThreadLocalRandom; import java.util.function.Supplier; @Alternative 
@@ -24,13 +29,30 @@ public class MyHttpAuthenticationMechanism implements HttpAuthenticationMechanis @Inject AuthService authService; + private final String adminToken; + + public MyHttpAuthenticationMechanism() { + Optional configuredToken = ConfigProvider.getConfig().getOptionalValue("database.name", String.class); + + if (configuredToken.isEmpty()) { + byte[] bytes = new byte[32]; + ThreadLocalRandom.current().nextBytes(bytes); + + this.adminToken = Base64.getEncoder().encodeToString(bytes); + } else { + this.adminToken = configuredToken.get(); + } + + Log.infof("Admin token: %s", this.adminToken); + } + @Override public Uni authenticate(RoutingContext context, IdentityProviderManager identityProviderManager) { return Uni.createFrom().item((Supplier) () -> { String serverTokenEncoded = context.request().getHeader("X-Server-Token"); if (serverTokenEncoded != null) { - if (serverTokenEncoded.equals("secure admni token")) { + if (serverTokenEncoded.equals(this.adminToken)) { return QuarkusSecurityIdentity.builder() .setPrincipal(new QuarkusPrincipal("Administrator")) .addRole("admin")
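Review bot: The fallback admin token in the new constructor is drawn from `ThreadLocalRandom`, which is a predictable, non-cryptographic generator and unsuitable for a credential that grants the `admin` role; it should come from `java.security.SecureRandom`. The constructor also writes the token to the log at info level in both branches, so an operator-configured secret reaches every log sink. The value is read from the `database.name` key, which looks like a copy-paste slip rather than a dedicated token property (worth confirming). In `authenticate`, `String.equals` stops at the first differing character, whereas `MessageDigest.isEqual` over the UTF-8 bytes compares in constant time. The body of `authenticate` continues past the end of the hunk, and the sketch below needs imports for `SecureRandom`, `MessageDigest` and `StandardCharsets`.

```java
public MyHttpAuthenticationMechanism() {
    // "<admin-token-config-key>" is a placeholder: use the project's own property name.
    Optional<String> configuredToken =
            ConfigProvider.getConfig().getOptionalValue("<admin-token-config-key>", String.class);

    if (configuredToken.isPresent()) {
        this.adminToken = configuredToken.get();
        // Never echo an operator-supplied secret back into the log.
        Log.info("Admin token loaded from configuration");
    } else {
        byte[] bytes = new byte[32];
        new SecureRandom().nextBytes(bytes);
        this.adminToken = Base64.getEncoder().encodeToString(bytes);
        // The generated value has to reach the operator once; a file with
        // restrictive permissions would be preferable to the shared log.
        Log.infof("Generated admin token (shown once): %s", this.adminToken);
    }
}

// … unchanged: authenticate signature and X-Server-Token header read …
if (MessageDigest.isEqual(
        serverTokenEncoded.getBytes(StandardCharsets.UTF_8),
        this.adminToken.getBytes(StandardCharsets.UTF_8))) {
```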