diff --git a/docker-compose.yml b/docker-compose.yml
index fca76e1..d19f3a9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,9 +5,8 @@ services:
       dockerfile: Dockerfile
     container_name: overleaf-mcp
     restart: unless-stopped
-    ports:
-      - "80:80"
-      - "443:443"
+    networks:
+      - qumo_services_proxy_network
     environment:
       - OVERLEAF_EMAIL=${OVERLEAF_EMAIL}
       - OVERLEAF_PASSWORD=${OVERLEAF_PASSWORD}
@@ -18,22 +17,22 @@ services:
       - browser-data:/root/.overleaf-mcp/browser-data
       - pdf-output:/data/resumes
       - latex-output:/data/output
-      # Persist Let's Encrypt certificates
       - certs:/root/.local/share/mcp-auth-proxy
     shm_size: "2gb"
     security_opt:
       - seccomp=unconfined
-    # mcp-auth-proxy flags — passed as command since ENTRYPOINT is set
     command:
       - --external-url
       - https://${MCP_DOMAIN}
       - --tls-accept-tos
-      - --github-client-id
-      - ${GITHUB_OAUTH_CLIENT_ID}
-      - --github-client-secret
-      - ${GITHUB_OAUTH_CLIENT_SECRET}
+      - --oidc-issuer
+      - ${AUTHENTIK_ISSUER_URL}
+      - --oidc-client-id
+      - ${AUTHENTIK_CLIENT_ID}
+      - --oidc-client-secret
+      - ${AUTHENTIK_CLIENT_SECRET}
       - --allowed-user
-      - ${GITHUB_ALLOWED_USER}
+      - ${ALLOWED_USER}
       - --
       - node
       - /app/dist/index.js
@@ -42,4 +41,8 @@ volumes:
   browser-data:
   pdf-output:
   latex-output:
-  certs:
\ No newline at end of file
+  certs:
+
+networks:
+  qumo_services_proxy_network:
+    external: true
\ No newline at end of file