diff --git a/src/main/java/com/tallyto/algafood/core/security/WebSecurityConfig.java b/src/main/java/com/tallyto/algafood/core/security/WebSecurityConfig.java
index a75b085..e7b0735 100644
--- a/src/main/java/com/tallyto/algafood/core/security/WebSecurityConfig.java
+++ b/src/main/java/com/tallyto/algafood/core/security/WebSecurityConfig.java
@@ -2,21 +2,14 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
-import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
 import org.springframework.security.web.SecurityFilterChain;
 
-import javax.crypto.spec.SecretKeySpec;
-
 @Configuration
 @EnableWebSecurity
-@Profile("developer")
 public class WebSecurityConfig {
 
-
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.authorizeHttpRequests()
@@ -29,11 +22,5 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         return http.build();
     }
 
-    @Bean
-    public JwtDecoder jwtDecoder() {
-        var secretKey = new SecretKeySpec("df5f8fdd4c0db669bb2d7546584a2ff08694fe29b93426ebbfcf135161029b94".getBytes(), "HmacSHA256");
-        return NimbusJwtDecoder.withSecretKey(secretKey).build();
-    }
-
 
 }
diff --git a/src/main/resources/application-developer.properties b/src/main/resources/application-developer.properties
index 359e27d..10ca5f9 100644
--- a/src/main/resources/application-developer.properties
+++ b/src/main/resources/application-developer.properties
@@ -44,3 +44,5 @@ logging.loggly.token=${LOGGLY_TOKEN}
 #spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=http://localhost:3002/oauth/check_token
 #spring.security.oauth2.resourceserver.opaquetoken.client-id=admin
 #spring.security.oauth2.resourceserver.opaquetoken.client-secret=admin
+
+spring.security.oauth2.resourceserver.jwt.public-key-location=classpath:keys/algafood-pkey.pem
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 7970043..6c92e05 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -39,3 +39,4 @@ spring.freemarker.settings.locale=pt_BR
 spring.mvc.pathmatch.matching-strategy=ant-path-matcher
 server.compression.enabled=true
 logging.loggly.token=${LOGGLY_TOKEN}
+spring.security.oauth2.resourceserver.jwt.public-key-location=classpath:keys/algafood-pkey.pem
diff --git a/src/main/resources/keys/algafood-pkey.pem b/src/main/resources/keys/algafood-pkey.pem
new file mode 100644
index 0000000..fc07275
Binary files /dev/null and b/src/main/resources/keys/algafood-pkey.pem differ